Tab2Gan: Utilizing image conversion and Gan inversion for tabular model robustness

23 Sept 2023 (modified: 25 Mar 2024) | ICLR 2024 Conference Withdrawn Submission
Keywords: robustness, adversarial attack, gan inversion, structured data, security
Abstract: New advanced adversarial attacks are emerging rapidly. These threats have prompted the development of various defense strategies, including robustness techniques. In this paper we propose a novel attack-agnostic robustness method that utilizes the generative capabilities of image-based generative adversarial networks (GANs) to enhance the robustness of classical machine learning models trained on structured (tabular) data. To safeguard the target models, we employ two GANs, each trained on benign data from a different class. These GANs function as a defensive mechanism by classifying incoming inputs, whether benign or adversarial, and then reconstructing them within the benign data distribution of the respective GAN before presenting them to the target model. In our evaluation, conducted on three commonly known structured datasets and two conventional machine learning models, our proposed robustness approach consistently outperformed the existing techniques in the field. In most of the experiments, applying the suggested robustness method yields classification accuracy results that closely align with the benign accuracy rate of 99%, i.e., the target model performs as if it had not been subjected to any attack whatsoever.
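A heavily simplified, added illustration of the pipeline the abstract describes (example code, not the paper's implementation): linear per-class generators stand in for the two GANs, a closed-form projection stands in for GAN inversion, a decision stump stands in for the classical target model, and the assumption that a GAN "classifies" an input by having the lower reconstruction error is ours, since the abstract does not say how that step works. The table and the perturbation are constructed.

```python
import numpy as np
# Constructed toy table (not from the paper). Column 0 is a near-constant spurious
# feature that happens to separate the classes; columns 2-3 carry the real signal;
# column 1 varies within a class, so each class lies on a 1-D benign manifold.
X0 = np.array([[-0.01, t, 0.0, 0.0] for t in (0.2, 0.4, 0.6, 0.8)])
X1 = np.array([[0.01, t, 2.0, 2.0] for t in (0.2, 0.4, 0.6, 0.8)])
X, y = np.vstack([X0, X1]), np.array([0] * 4 + [1] * 4)

def train_stump(X, y):
    """Target-model stand-in: a decision stump keeping the first best-accuracy split."""
    best = (-1.0, 0, 0.0)
    for j in range(X.shape[1]):
        vals = np.unique(X[:, j])
        for thr in (vals[:-1] + vals[1:]) / 2:
            acc = np.mean((X[:, j] > thr).astype(int) == y)
            if acc > best[0]:
                best = (acc, j, float(thr))
    return best[1], best[2]

def stump_predict(model, x):
    return int(x[model[0]] > model[1])

def fit_generator(Xc, k=1):
    """Per-class GAN stand-in: G_c(z) = mu_c + W_c z, W_c = top-k class principal dirs."""
    mu = Xc.mean(axis=0)
    _, _, vt = np.linalg.svd(Xc - mu, full_matrices=False)
    return mu, vt[:k].T

def invert_and_reconstruct(gen, x):
    # GAN-inversion stand-in: for a linear generator the latent code minimising
    # ||G_c(z) - x|| is closed-form; a real GAN would need an optimiser here.
    mu, W = gen
    x_hat = mu + W @ (W.T @ (x - mu))
    return x_hat, float(np.linalg.norm(x - x_hat))

def defend(gens, x):
    """Assumed Tab2Gan-style front end: the lowest-error generator claims x."""
    recons = [invert_and_reconstruct(g, x) for g in gens]
    c = int(np.argmin([err for _, err in recons]))
    return c, recons[c][0]

def run_demo():
    model = train_stump(X, y)  # on this data the stump latches onto column 0
    gens = [fit_generator(X0), fit_generator(X1)]
    x_adv = X0[1].copy()
    x_adv[0] += 0.03  # constructed off-manifold perturbation of a class-0 row
    chosen, x_rec = defend(gens, x_adv)
    return {"split_feature": model[0], "undefended": stump_predict(model, x_adv),
            "chosen_generator": chosen, "defended": stump_predict(model, x_rec)}
```

The perturbed row flips the stump on its own, but it is still far closer to the class-0 manifold than to the class-1 one, so the class-0 generator reconstructs it and the stump's verdict is restored.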
Primary Area: general machine learning (i.e., none of the above)
Code Of Ethics: I acknowledge that I and all co-authors of this work have read and commit to adhering to the ICLR Code of Ethics.
Submission Guidelines: I certify that this submission complies with the submission instructions as described on https://iclr.cc/Conferences/2024/AuthorGuide.
Anonymous Url: I certify that there is no URL (e.g., github page) that could be used to find authors' identity.
No Acknowledgement Section: I certify that there is no acknowledgement section in this submission for double blind review.
Submission Number: 7855