Detecting Adversarial Examples in Deep Neural Networks using Normalizing Filters
| dc.contributor.author | Gu, Shuangchi | |
| dc.contributor.author | Yi, Ping | |
| dc.contributor.author | Zhu, Ting | |
| dc.contributor.author | Yao, Yao | |
| dc.contributor.author | Wang, Wei | |
| dc.date.accessioned | 2019-12-20T16:17:01Z | |
| dc.date.available | 2019-12-20T16:17:01Z | |
| dc.date.issued | 2019 | |
| dc.description | In Proceedings of the 11th International Conference on Agents and Artificial Intelligence (ICAART 2019) | en_US |
| dc.description.abstract | Deep neural networks are vulnerable to adversarial examples which are inputs modified with unnoticeable but malicious perturbations. Most defending methods only focus on tuning the DNN itself, but we propose a novel defending method which modifies the input data to detect the adversarial examples. We establish a detection framework based on normalizing filters that can partially erase those perturbations by smoothing the input image or depth reduction work. The framework gives the decision by comparing the classification results of original input and multiple normalized inputs. Using several combinations of gaussian blur filter, median blur filter and depth reduction filter, the evaluation results reaches a high detection rate and achieves partial restoration work of adversarial examples in MNIST dataset. The whole detection framework is a low-cost highly extensible strategy in DNN defending works. | en_US |
| dc.description.sponsorship | This work is supported by the National Natural Science Foundation of China(61571290, 61831007, 61431008), National Key Research and Development Program of China (2017YFB0802900, 2017YFB0802300, 2018YFB0803503), Shanghai Municipal Science and Technology Project under grant (16511102605, 16DZ1200702), NSF grants 1652669 and 1539047. | en_US |
| dc.description.uri | http://www.scitepress.org/DigitalLibrary/Link.aspx?doi=10.5220/0007370301640173 | en_US |
| dc.format.extent | 10 pages | en_US |
| dc.genre | conference papers and proceedings | en_US |
| dc.identifier | doi:10.13016/m2ffkj-sy8k | |
| dc.identifier.citation | Gu, Shuangchi; Yi, Ping; Zhu, Ting; Yao, Yao; Wang, Wei; Detecting Adversarial Examples in Deep Neural Networks using Normalizing Filters; In Proceedings of the 11th International Conference on Agents and Artificial Intelligence - Volume 1: ICAART, pages 164-173 (2019); http://www.scitepress.org/DigitalLibrary/Link.aspx?doi=10.5220/0007370301640173 | en_US |
| dc.identifier.uri | https://doi.org/10.5220/0007370301640173 | |
| dc.identifier.uri | http://hdl.handle.net/11603/16930 | |
| dc.language.iso | en_US | en_US |
| dc.publisher | ScitePress | en_US |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) | * |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
| dc.subject | normalizing filter | en_US |
| dc.subject | adversarial example | en_US |
| dc.subject | detection framework | en_US |
| dc.title | Detecting Adversarial Examples in Deep Neural Networks using Normalizing Filters | en_US |
| dc.type | Text | en_US |