DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial Defense
Deep neural networks based image classification systems could suffer from adversarial attack algorithms, which generate input examples by adding deliberately crafted yet imperceptible noise to original input images. These crafted examples can fool systems and further threaten their security. In this...
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Sciendo
2024-02-01
|
| Series: | Foundations of Computing and Decision Sciences |
| Subjects: | |
| Online Access: | https://doi.org/10.2478/fcds-2024-0002 |
| _version_ | 1797303099447050240 |
|---|---|
| author | Pan Zhang Yangjie Cao Chenxi Zhu Yan Zhuang Haobo Wang Jie Li |
| author_facet | Pan Zhang Yangjie Cao Chenxi Zhu Yan Zhuang Haobo Wang Jie Li |
| author_sort | Pan Zhang |
| collection | DOAJ |
| description | Deep neural networks based image classification systems could suffer from adversarial attack algorithms, which generate input examples by adding deliberately crafted yet imperceptible noise to original input images. These crafted examples can fool systems and further threaten their security. In this paper, we propose to use latent space protect image classification. Specifically, we train a feature searching network to make up the difference between adversarial examples and clean examples with label guided loss function. We name it DefenseFea(input transformation based defense with label guided loss function), experimental result shows that DefenseFea can improve the rate of adversarial examples that achieved a success rate of about 99% on a specific set of 5000 images from ILSVRC 2012. This study plays a positive role in the further investigation of the relationship between adversarial examples and clean examples. |
| first_indexed | 2024-03-07T23:48:04Z |
| format | Article |
| id | doaj.art-55705007d66f480caaacbe5c6153442e |
| institution | Directory Open Access Journal |
| issn | 2300-3405 |
| language | English |
| last_indexed | 2024-03-07T23:48:04Z |
| publishDate | 2024-02-01 |
| publisher | Sciendo |
| record_format | Article |
| series | Foundations of Computing and Decision Sciences |
| spelling | doaj.art-55705007d66f480caaacbe5c6153442e2024-02-19T09:03:40ZengSciendoFoundations of Computing and Decision Sciences2300-34052024-02-01491213610.2478/fcds-2024-0002DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial DefensePan Zhang0Yangjie Cao1Chenxi Zhu2Yan Zhuang3Haobo Wang4Jie Li51School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou, China1School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou, China1School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou, China1School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou, China1School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou, China2Department of Computer Science and Engineering, Shanghai Jiaotong University, ChinaDeep neural networks based image classification systems could suffer from adversarial attack algorithms, which generate input examples by adding deliberately crafted yet imperceptible noise to original input images. These crafted examples can fool systems and further threaten their security. In this paper, we propose to use latent space protect image classification. Specifically, we train a feature searching network to make up the difference between adversarial examples and clean examples with label guided loss function. We name it DefenseFea(input transformation based defense with label guided loss function), experimental result shows that DefenseFea can improve the rate of adversarial examples that achieved a success rate of about 99% on a specific set of 5000 images from ILSVRC 2012. This study plays a positive role in the further investigation of the relationship between adversarial examples and clean examples.https://doi.org/10.2478/fcds-2024-0002adversarial attackadversarial defenselatent spaceadversarial training |
| spellingShingle | Pan Zhang Yangjie Cao Chenxi Zhu Yan Zhuang Haobo Wang Jie Li DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial Defense Foundations of Computing and Decision Sciences adversarial attack adversarial defense latent space adversarial training |
| title | DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial Defense |
| title_full | DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial Defense |
| title_fullStr | DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial Defense |
| title_full_unstemmed | DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial Defense |
| title_short | DefenseFea: An Input Transformation Feature Searching Algorithm Based Latent Space for Adversarial Defense |
| title_sort | defensefea an input transformation feature searching algorithm based latent space for adversarial defense |
| topic | adversarial attack adversarial defense latent space adversarial training |
| url | https://doi.org/10.2478/fcds-2024-0002 |
| work_keys_str_mv | AT panzhang defensefeaaninputtransformationfeaturesearchingalgorithmbasedlatentspaceforadversarialdefense AT yangjiecao defensefeaaninputtransformationfeaturesearchingalgorithmbasedlatentspaceforadversarialdefense AT chenxizhu defensefeaaninputtransformationfeaturesearchingalgorithmbasedlatentspaceforadversarialdefense AT yanzhuang defensefeaaninputtransformationfeaturesearchingalgorithmbasedlatentspaceforadversarialdefense AT haobowang defensefeaaninputtransformationfeaturesearchingalgorithmbasedlatentspaceforadversarialdefense AT jieli defensefeaaninputtransformationfeaturesearchingalgorithmbasedlatentspaceforadversarialdefense |