Name
Title | ||
|---|---|---|
Detection Based Defense Against Adversarial Examples From The Steganalysis Point Of View |
Abstract | ||
|---|---|---|
Deep Neural Networks (DNNs) have recently led to significant improvements in many fields. However, DNNs are vulnerable to adversarial examples which are samples with imperceptible perturbations while dramatically misleading the DNNs. Moreover, adversarial examples can be used to perform an attack on various kinds of DNN based systems, even if the adversary has no access to the underlying model. Many defense methods have been proposed, such as obfuscating gradients of the networks or detecting adversarial examples. However it is proved out that these defense methods are not effective or cannot resist secondary adversarial attacks. In this paper, we point out that steganalysis can be applied to adversarial examples detection, and propose a method to enhance steganalysis features by estimating the probability of modifications caused by adversarial attacks. Experimental results show that the proposed method can accurately detect adversarial examples. Moreover, secondary adversarial attacks are hard to be directly performed to our method because our method is not based on a neural network but based on high-dimensional artificial features and Fisher Linear Discriminant ensemble. |
Year | DOI | Venue |
|---|---|---|
2019 | 10.1109/CVPR.2019.00496 | 2019 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR 2019) |
Field | DocType | ISSN |
Pattern recognition,Computer science,Artificial intelligence,Steganalysis,Machine learning,Adversarial system | Conference | 1063-6919 |
Citations | PageRank | References |
4 | 0.41 | 0 |
Authors | ||
7 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Jiayang Liu | 1 | 14 | 5.95 |
| Weiming Zhang | 2 | 1104 | 88.72 |
| Yiwei Zhang | 3 | 52 | 12.65 |
| Dongdong Hou | 4 | 56 | 5.92 |
| Yujia Liu | 5 | 4 | 0.41 |
| Hong Yue | 6 | 5 | 1.10 |
| Nenghai Yu | 7 | 2238 | 183.33 |