Abstract: Convolutional Neural Networks (CNNs) have excellent representational power and are state-of-the-art classifiers on many tasks. However, CNNs are vulnerable to adversarial examples: samples carrying imperceptible perturbations that nonetheless dramatically mislead the CNNs. Past studies have found that a Radial Basis Function (RBF) network can effectively reduce the linearization of neural network models, and that Gaussian noise injection can prevent the network from overfitting; both properties are conducive to defending against adversarial examples. In this paper, we propose an incorporated defense method that combines Gaussian noise injection with an RBF network, and we analytically investigate the robustness mechanism of this incorporated defense. The proposed method has two advantages: (1) it achieves significant classification accuracy, and (2) it effectively resists various adversarial attacks. The experimental results show that the proposed method achieves about 79.25% accuracy on the MNIST dataset and 43.87% accuracy on the Fashion-MNIST dataset, even under a full white-box attack, where attackers can craft malicious adversarial examples from the defense models themselves.