(AD)2: Adversarial domain adaptation to defense with adversarial perturbation removal. (February 2022)
- Record Type:
- Journal Article
- Title:
- (AD)2: Adversarial domain adaptation to defense with adversarial perturbation removal. (February 2022)
- Main Title:
- (AD)2: Adversarial domain adaptation to defense with adversarial perturbation removal
- Authors:
- Han, Keji
Xia, Bin
Li, Yun
- Abstract:
- Highlights: We propose a modularized defense framework, which detects and removes adversarial perturbations from detected adversarial examples. We analyze the impact of reconstruction error metric on accuracy of generative detection method and prove its validation. Experimental results demonstrate our method can mitigate the odds between accuracy and robustness for deep neural networks.
Abstract: Deep Neural Networks (DNNs) are demonstrated to be vulnerable to adversarial examples, which are crafted by adding adversarial perturbations to the legitimate examples. To address this issue, some defense methods have been proposed. Among them, the adversarial training (AT) is a popular method to improve the robustness of DNNs. However, theory analysis has shown that in the adversarial training framework, the improvement of the robustness will lead to a decline of standard accuracy. In this paper, we propose a modularized defense framework, namely Adversarial Domain Adaptation to Defense ((AD)2). Different from all adversarial training methods, (AD)2 detects adversarial example using a generative algorithm and applies the adversarial domain adaptation method to remove adversarial perturbation. Experimental results show that (AD)2 is effective to remove the adversarial perturbation and mitigate the odds between the robustness and standard accuracy for DNNs.
- Is Part Of:
- Pattern recognition. Volume 122(2022)
- Journal:
- Pattern recognition
- Issue:
- Volume 122(2022)
- Issue Display:
- Volume 122, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 122
- Issue:
- 2022
- Issue Sort Value:
- 2022-0122-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-02
- Subjects:
- Deep learning -- Adversarial example -- Domain adaptation
Pattern perception -- Periodicals
Perception des structures -- Périodiques
Patroonherkenning
006.4
- Journal URLs:
- http://www.sciencedirect.com/science/journal/00313203
http://www.sciencedirect.com/
- DOI:
- 10.1016/j.patcog.2021.108303
- Languages:
- English
- ISSNs:
- 0031-3203
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 19718.xml