LanCeX: A Versatile and Lightweight Defense Method against Condensed Adversarial Attacks in Image and Audio Recognition
| dc.contributor.author | Xu, Zirui | |
| dc.contributor.author | Yu, Fuxun | |
| dc.contributor.author | Chen, Xiang | |
| dc.contributor.author | Liu, Chenchen | |
| dc.date.accessioned | 2022-08-23T14:47:59Z | |
| dc.date.available | 2022-08-23T14:47:59Z | |
| dc.date.issued | 2022-08-09 | |
| dc.description.abstract | Convolutional Neural Networks (CNNs) are widely deployed in various embedded recognition applications. However, they demonstrate a considerable vulnerability to adversarial attacks, which leverage the well-designed perturbations to mislead the recognition results. Recently, for easier perturbation injection and higher attack effectiveness, the adversarial perturbations are concentrated into a small area with various types and different data modalities. When defending such condensed adversarial attacks on the embedded recognition scenarios, most of the existing defense works show two critical issues: First, they are particularly designed for each individual condensed attack scenario, lacking enough versatility to accommodate attacks with different data modalities. Second, they rely on computation-intensive pre-processing techniques, which is impractical for time-sensitive embedded recognition scenarios. In this paper, we propose LanCeX – a versatile and lightweight CNN defense solution against condensed adversarial attacks. By examining CNN’s intrinsic vulnerability, we first identify the common attacking mechanism behind condensed adversarial attacks across different data modalities. Based on this mechanism, LanCeX can defend against various condensed attacks with the optimal computation workload in different recognition scenarios. Experiments show that LanCeX can achieve an average 91%, 85%, and 90% detection success rate and optimal adversarial mitigation performance in three recognition scenarios, e.g. image classification, object detection, and audio recognition. Moreover, LanCeX is at most 3 × faster compared with the state-of-the-art defense methods, making it feasible to resource-constrained embedded systems. | en_US |
| dc.description.uri | https://dl.acm.org/doi/abs/10.1145/3555375 | en_US |
| dc.format.extent | 22 pages | en_US |
| dc.genre | journal articles | en_US |
| dc.genre | postprints | en_US |
| dc.identifier | doi:10.13016/m2ltug-sip8 | |
| dc.identifier.citation | Zirui Xu, Fuxun Yu, Xiang Chen, and Chenchen Liu. 2022. LanCeX: A Versatile and Lightweight Defense Method against Condensed Adversarial Attacks in Image and Audio Recognition. ACM Trans. Embed. Comput. Syst. Just Accepted (July 2022). https://doi.org/10.1145/3555375 | en_US |
| dc.identifier.uri | https://doi.org/10.1145/3555375 | |
| dc.identifier.uri | http://hdl.handle.net/11603/25549 | |
| dc.language.iso | en_US | en_US |
| dc.publisher | ACM | en_US |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | en_US |
| dc.title | LanCeX: A Versatile and Lightweight Defense Method against Condensed Adversarial Attacks in Image and Audio Recognition | en_US |
| dc.type | Text | en_US |
| dcterms.creator | https://orcid.org/0000-0001-7749-0640 | en_US |