K-Anonymity inspired adversarial attack and multiple one-class classification defense. (April 2020)
- Record Type:
- Journal Article
- Title:
- K-Anonymity inspired adversarial attack and multiple one-class classification defense. (April 2020)
- Main Title:
- K-Anonymity inspired adversarial attack and multiple one-class classification defense
- Authors:
- Mygdalis, Vasileios
Tefas, Anastasios
Pitas, Ioannis
- Abstract:
- A novel adversarial attack methodology for fooling deep neural network classifiers in image classification tasks is proposed, along with a novel defense mechanism to counter such attacks. Two concepts are introduced, namely the K-Anonymity-inspired Adversarial Attack (K-A³) and the Multiple Support Vector Data Description Defense (M-SVDD-D). The proposed K-A³ introduces novel optimization criteria to standard adversarial attack methodologies, inspired by the K-Anonymity principles. Its generated adversarial examples are not only misclassified by the neural network classifier, but are uniformly spread along K different ranked output positions. The proposed M-SVDD-D consists of a deep neural architecture layer consisting of multiple non-linear one-class classifiers based on Support Vector Data Description that can be used to replace the final linear classification layer of a deep neural architecture, and an additional class verification mechanism. Its application decreases the effectiveness of adversarial attacks, by increasing the noise energy required to deceive the protected model, attributed to the introduced non-linearity. In addition, M-SVDD-D can be used to prevent adversarial attacks in black-box attack settings.
- Is Part Of:
- Neural networks. Volume 124(2020)
- Journal:
- Neural networks
- Issue:
- Volume 124(2020)
- Issue Display:
- Volume 124, Issue 2020 (2020)
- Year:
- 2020
- Volume:
- 124
- Issue:
- 2020
- Issue Sort Value:
- 2020-0124-2020-0000
- Page Start:
- 296
- Page End:
- 307
- Publication Date:
- 2020-04
- Subjects:
- K-Anonymity -- Adversarial defense -- Adversarial attack -- Deep SVDD -- Kernel learning
Neural computers -- Periodicals
Neural networks (Computer science) -- Periodicals
Neural networks (Neurobiology) -- Periodicals
Nervous System -- Periodicals
Ordinateurs neuronaux -- Périodiques
Réseaux neuronaux (Informatique) -- Périodiques
Réseaux neuronaux (Neurobiologie) -- Périodiques
Neural computers
Neural networks (Computer science)
Neural networks (Neurobiology)
Periodicals
006.32
- Journal URLs:
- http://www.sciencedirect.com/science/journal/08936080
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.neunet.2020.01.015
- Languages:
- English
- ISSNs:
- 0893-6080
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 6081.280800
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 13387.xml