Defending DNN Adversarial Attacks with Pruning and Logits Augmentation

Shaokai Ye; Siyue Wang; Xiao Wang; Bo Yuan; Wujie Wen; Xue Lin

Defending DNN Adversarial Attacks with Pruning and Logits Augmentation

Shaokai Ye, Siyue Wang, Xiao Wang, Bo Yuan, Wujie Wen, Xue Lin

12 Feb 2018 (modified: 05 May 2023)ICLR 2018 Workshop SubmissionReaders: Everyone

Abstract: Deep neural networks (DNNs) have been shown to be powerful models and perform extremely well on many complicated artificial intelligent tasks. However, recent research found that these powerful models are vulnerable to adversarial attacks, i.e., intentionally added imperceptible perturbations to DNN inputs can easily mislead the DNNs with extremely high confidence. In this work, we enhance the robustness of DNNs under adversarial attacks by using pruning method and logits augmentation, therefore, we achieve both higher defense against adversarial examples and more compressed DNN models. We have observed defense against adversarial attacks under the white box attack assumption. Our defense mechanisms work even better under the black box attack assumption.

Keywords: Adversarial Attacks, Neural Network Security, Weight Pruning, Logits Augmentation

TL;DR: Defending DNN Adversarial Attacks with Pruning and Logits Augmentation

3 Replies

Loading