Defending against Adversarial Images using Basis Functions Transformations

@article{Shaham2018DefendingAA,
  title={Defending against Adversarial Images using Basis Functions Transformations},
  author={Uri Shaham and James Garritano and Yutaro Yamada and Ethan Weinberger and Alexander Cloninger and Xiuyuan Cheng and Kelly P. Stanton and Yuval Kluger},
  journal={ArXiv},
  year={2018},
  volume={abs/1803.10840}
}
We study the effectiveness of various approaches that defend against adversarial attacks on deep networks via manipulations based on basis function representations of images. Specifically, we experiment with low-pass filtering, PCA, JPEG compression, low resolution wavelet approximation, and soft-thresholding. We evaluate these defense techniques using three types of popular attacks in black, gray and white-box settings. Our results show JPEG compression tends to outperform the other tested… CONTINUE READING
16
Twitter Mentions

Similar Papers

References

Publications referenced by this paper.
SHOWING 1-10 OF 21 REFERENCES

De-noising by soft-thresholding

  • IEEE Trans. Information Theory
  • 1995
VIEW 3 EXCERPTS
HIGHLY INFLUENTIAL

Adversarial Examples: Attacks and Defenses for Deep Learning

  • IEEE transactions on neural networks and learning systems
  • 2019
VIEW 2 EXCERPTS

Defense Against Universal Adversarial Perturbations

  • 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition
  • 2017
VIEW 2 EXCERPTS