EITGAN: A Transformation-based Network for recovering adversarial examples
Adversarial examples have been shown to easily mislead neural networks, and many strategies have been proposed to defend them. To address the problem that most transformation-based defense strategies will degrade the accuracy of clean images, we proposed an Enhanced Image Transformation Generative A...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
AIMS Press
2023-10-01
|
| Series: | Electronic Research Archive |
| Subjects: | |
| Online Access: | https://www.aimspress.com/article/doi/10.3934/era.2023335?viewType=HTML |
| _version_ | 1827632168292057088 |
|---|---|
| author | Junjie Zhao Junfeng Wu James Msughter Adeke Guangjie Liu Yuewei Dai |
| author_facet | Junjie Zhao Junfeng Wu James Msughter Adeke Guangjie Liu Yuewei Dai |
| author_sort | Junjie Zhao |
| collection | DOAJ |
| description | Adversarial examples have been shown to easily mislead neural networks, and many strategies have been proposed to defend them. To address the problem that most transformation-based defense strategies will degrade the accuracy of clean images, we proposed an Enhanced Image Transformation Generative Adversarial Network (EITGAN). Positive perturbations were employed in the EITGAN to counteract adversarial effects while enhancing the classified performance of the samples. We also used the image super-resolution method to mitigate the effect of adversarial perturbations. The proposed method does not require modification or retraining of the classifier. Extensive experiments demonstrated that the enhanced samples generated by the EITGAN effectively defended against adversarial attacks without compromising human visual recognition, and their classification performance was superior to that of clean images. |
| first_indexed | 2024-03-09T14:32:18Z |
| format | Article |
| id | doaj.art-ff40223578354f3aabe06689a3bb8996 |
| institution | Directory Open Access Journal |
| issn | 2688-1594 |
| language | English |
| last_indexed | 2024-03-09T14:32:18Z |
| publishDate | 2023-10-01 |
| publisher | AIMS Press |
| record_format | Article |
| series | Electronic Research Archive |
| spelling | doaj.art-ff40223578354f3aabe06689a3bb89962023-11-28T01:26:39ZengAIMS PressElectronic Research Archive2688-15942023-10-0131116634665610.3934/era.2023335EITGAN: A Transformation-based Network for recovering adversarial examplesJunjie Zhao 0Junfeng Wu1James Msughter Adeke2Guangjie Liu 3 Yuewei Dai 41. School of Electronics and Information Engineering, Nanjing University of Information Science and Technology, Nanjing 210044, China2. School of Computer Science, Nanjing University of Information Science and Technology, Nanjing 210044, China1. School of Electronics and Information Engineering, Nanjing University of Information Science and Technology, Nanjing 210044, China1. School of Electronics and Information Engineering, Nanjing University of Information Science and Technology, Nanjing 210044, China1. School of Electronics and Information Engineering, Nanjing University of Information Science and Technology, Nanjing 210044, China3. Nanjing Center For Applied Mathematics, Nanjing 211135, ChinaAdversarial examples have been shown to easily mislead neural networks, and many strategies have been proposed to defend them. To address the problem that most transformation-based defense strategies will degrade the accuracy of clean images, we proposed an Enhanced Image Transformation Generative Adversarial Network (EITGAN). Positive perturbations were employed in the EITGAN to counteract adversarial effects while enhancing the classified performance of the samples. We also used the image super-resolution method to mitigate the effect of adversarial perturbations. The proposed method does not require modification or retraining of the classifier. Extensive experiments demonstrated that the enhanced samples generated by the EITGAN effectively defended against adversarial attacks without compromising human visual recognition, and their classification performance was superior to that of clean images.https://www.aimspress.com/article/doi/10.3934/era.2023335?viewType=HTMLenhanced samplegenerative adversarial networkadversarial defensedeep learningadversarial exampleimage processing |
| spellingShingle | Junjie Zhao Junfeng Wu James Msughter Adeke Guangjie Liu Yuewei Dai EITGAN: A Transformation-based Network for recovering adversarial examples Electronic Research Archive enhanced sample generative adversarial network adversarial defense deep learning adversarial example image processing |
| title | EITGAN: A Transformation-based Network for recovering adversarial examples |
| title_full | EITGAN: A Transformation-based Network for recovering adversarial examples |
| title_fullStr | EITGAN: A Transformation-based Network for recovering adversarial examples |
| title_full_unstemmed | EITGAN: A Transformation-based Network for recovering adversarial examples |
| title_short | EITGAN: A Transformation-based Network for recovering adversarial examples |
| title_sort | eitgan a transformation based network for recovering adversarial examples |
| topic | enhanced sample generative adversarial network adversarial defense deep learning adversarial example image processing |
| url | https://www.aimspress.com/article/doi/10.3934/era.2023335?viewType=HTML |
| work_keys_str_mv | AT junjiezhao eitganatransformationbasednetworkforrecoveringadversarialexamples AT junfengwu eitganatransformationbasednetworkforrecoveringadversarialexamples AT jamesmsughteradeke eitganatransformationbasednetworkforrecoveringadversarialexamples AT guangjieliu eitganatransformationbasednetworkforrecoveringadversarialexamples AT yueweidai eitganatransformationbasednetworkforrecoveringadversarialexamples |