Adversarial and Clean Data Are Not Twins

@article{Gong2017AdversarialAC,
  title={Adversarial and Clean Data Are Not Twins},
  author={Zhitao Gong and Wenlu Wang and Wei-Shinn Ku},
  journal={CoRR},
  year={2017},
  volume={abs/1704.04960}
}
Adversarial attack has cast a shadow on the massive success of deep neural networks. Despite being almost visually identical to the clean data, the adversarial images can fool deep neural networks into wrong predictions with very high confidence. In this paper, however, we show that we can build a simple binary classifier separating the adversarial apart from the clean data with accuracy over 99%. We also empirically show that the binary classifier is robust to a secondround adversarial attack… CONTINUE READING
Highly Cited
This paper has 43 citations. REVIEW CITATIONS
33 Citations
11 References
Similar Papers

References

Publications referenced by this paper.
Showing 1-10 of 11 references

The limitations of deep learning in adversarial settings

  • Papernot, Nicolas, +9 authors Ananthram
  • 2015
Highly Influential
12 Excerpts

Learning a driving

  • Santana, Eder, Hotz, George
  • simulator. abs/1608.01230,
  • 2016

Similar Papers

Loading similar papers…