Paper
4 January 2021 DVAE-SR: denoiser variational auto-encoder and super-resolution to counter adversarial attacks
Omar Dardour, Mourad Zaied, Petia Radeva
Author Affiliations +
Proceedings Volume 11605, Thirteenth International Conference on Machine Vision; 1160522 (2021) https://doi.org/10.1117/12.2586949
Event: Thirteenth International Conference on Machine Vision, 2020, Rome, Italy
Abstract
Recently, adversarial examples become one of the most dangerous risks in deep learning, which affects applications of real world such as robotics, cyber-security and computer vision. In image classification, adversarial attacks showed the ability to fool classifiers with small imperceptible perturbations added to the input. In this paper, we present an efficient defense mechanism, we call DVAE-SR that combine variational autoencoder and super-resolution to eliminate adversarial perturbation from image input before feeding it to the CNN classifier. The DVAE-SR can successfully defend against both white-box and black-box attacks without retraining CNN classifier and it recovers better accuracy than Defense-GAN and Defense-VAE.
© (2021) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Omar Dardour, Mourad Zaied, and Petia Radeva "DVAE-SR: denoiser variational auto-encoder and super-resolution to counter adversarial attacks", Proc. SPIE 11605, Thirteenth International Conference on Machine Vision, 1160522 (4 January 2021); https://doi.org/10.1117/12.2586949
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
Back to Top