DVAE-SR: denoiser variational auto-encoder and super-resolution to counter adversarial attacks
Omar Dardour, Mourad Zaied, Petia Radeva
- 发表年份
- 2021
- 引用次数
- 2
摘要
Recently, adversarial examples become one of the most dangerous risks in deep learning, which affects applications of real world such as robotics, cyber-security and computer vision. In image classification, adversarial attacks showed the ability to fool classifiers with small imperceptible perturbations added to the input. In this paper, we present an efficient defense mechanism, we call DVAE-SR that combine variational autoencoder and super-resolution to eliminate adversarial perturbation from image input before feeding it to the CNN classifier. The DVAE-SR can successfully defend against both white-box and black-box attacks without retraining CNN classifier and it recovers better accuracy than Defense-GAN and Defense-VAE.
关键词
相关论文
Statistical Learning Theory
Yuhai Wu, Vladimir Vapnik
1999
Artificial intelligence: a modern approach
1995
Applied Nonlinear Control
Jean-Jacques Slotine, Weiping Li
1991
A new optimizer using particle swarm theory
R.C. Eberhart, James Kennedy
2002