Open Peer Review. Open Publishing. Open Access. Open Discussion. Open Directory. Open Recommendations. Open API. Open Source.
Defending DNN Adversarial Attacks with Pruning and Logits Augmentation
Shaokai Ye, Siyue Wang, Xiao Wang, Bo Yuan, Wujie Wen, Xue Lin
Feb 12, 2018 (modified: Jun 04, 2018)ICLR 2018 Workshop Submissionreaders: everyoneShow Bibtex
Abstract:Deep neural networks (DNNs) have been shown to be powerful models and perform extremely well on many complicated artificial intelligent tasks. However, recent research found that these powerful models are vulnerable to adversarial attacks, i.e., intentionally added imperceptible perturbations to DNN inputs can easily mislead the DNNs with extremely high confidence. In this work, we enhance the robustness of DNNs under adversarial attacks by using pruning method and logits augmentation, therefore, we achieve both higher defense against adversarial examples and more compressed DNN models. We have observed defense against adversarial attacks under the white box attack assumption. Our defense mechanisms work even better under the black box attack assumption.