Corpus ID: 18709105

Adversarial and Clean Data Are Not Twins

  • Zhitao Gong, Wenlu Wang, W. Ku
  • Published 2017
  • Computer Science, Mathematics
  • ArXiv
  • Adversarial attacks have cast a shadow on the massive success of deep neural networks. Despite being almost visually identical to the clean data, adversarial images can fool deep neural networks into wrong predictions with very high confidence. In this paper, however, we show that we can build a simple binary classifier that separates the adversarial data from the clean data with accuracy over 99%. We also empirically show that the binary classifier is robust to a second-round adversarial attack…
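A minimal NumPy sketch of the pipeline the abstract describes: craft adversarial examples with the fast gradient sign method (FGSM, from the referenced "Explaining and Harnessing Adversarial Examples"), then train a second binary classifier to separate them from clean inputs. Everything here is illustrative, not the authors' setup: the victim is a toy logistic-regression model on synthetic Gaussian data, and the detector's squared features are an assumption made so a linear detector suffices; the paper itself trains a neural-network detector on image data.

```python
import numpy as np

rng = np.random.default_rng(0)

# Toy two-class data: class 0 centred at -1, class 1 at +1 in every coordinate.
d, n = 10, 500
X = np.vstack([rng.normal(-1.0, 0.3, size=(n, d)),
               rng.normal(+1.0, 0.3, size=(n, d))])
y = np.concatenate([np.zeros(n), np.ones(n)])

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-np.clip(z, -30.0, 30.0)))

def train_logreg(X, y, lr=0.5, steps=2000):
    # Plain gradient-descent logistic regression.
    w, b = np.zeros(X.shape[1]), 0.0
    for _ in range(steps):
        err = sigmoid(X @ w + b) - y
        w -= lr * X.T @ err / len(y)
        b -= lr * err.mean()
    return w, b

# The "victim" model under attack.
w, b = train_logreg(X, y)

def fgsm(X, y, w, b, eps=1.0):
    # For logistic regression, d(cross-entropy)/dx = (p - y) * w,
    # so FGSM steps eps in the sign of that gradient.
    grad = (sigmoid(X @ w + b) - y)[:, None] * w[None, :]
    return X + eps * np.sign(grad)

X_adv = fgsm(X, y, w, b)
acc_clean = ((sigmoid(X @ w + b) > 0.5) == y).mean()
acc_adv = ((sigmoid(X_adv @ w + b) > 0.5) == y).mean()

# Detector: binary classifier with clean = 0, adversarial = 1. Squared
# coordinates are appended so a linear model can pick up the radial shift
# FGSM induces on this toy data (the paper uses a deep network instead).
feats = lambda Z: np.hstack([Z, Z ** 2])
X_det = np.vstack([feats(X), feats(X_adv)])
y_det = np.concatenate([np.zeros(2 * n), np.ones(2 * n)])
w_d, b_d = train_logreg(X_det, y_det)
acc_det = ((sigmoid(X_det @ w_d + b_d) > 0.5) == y_det).mean()
print(f"victim: clean {acc_clean:.2f}, attacked {acc_adv:.2f}; "
      f"detector {acc_det:.2f}")
```

On this synthetic data the attack collapses the victim's accuracy while the detector separates adversarial from clean points almost perfectly, mirroring the abstract's claim in miniature.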

    Citations of this paper.

    • Defending Against Adversarial Attacks by Leveraging an Entire GAN (16 citations)
    • Adversarial Defense via Learning to Generate Diverse Attacks (10 citations, highly influenced)
    • Adversarial Robustness via Runtime Masking and Cleansing
    • Simultaneous Adversarial Training - Learn from Others' Mistakes (1 citation)
    • Towards Robust Detection of Adversarial Examples (62 citations)
    • Adversarial Attack? Don't Panic
    • Where Classification Fails, Interpretation Rises
    • ReabsNet: Detecting and Revising Adversarial Examples (2 citations)
    • Divide-and-Conquer Adversarial Detection (2 citations, highly influenced)
    • PixelDefend: Leveraging Generative Models to Understand and Defend against Adversarial Examples (330 citations)


    Publications referenced by this paper.
    • Explaining and Harnessing Adversarial Examples (5,557 citations)
    • Adversarial Machine Learning at Scale (1,090 citations)
    • Adversarial examples in the physical world (1,941 citations, highly influential)
    • Learning with a Strong Adversary (196 citations)
    • Intriguing properties of neural networks (5,271 citations)