SHIELD: Fast, Practical Defense and Vaccination for Deep Learning using JPEG Compression

@inproceedings{Das2018SHIELDFP,
  title={SHIELD: Fast, Practical Defense and Vaccination for Deep Learning using JPEG Compression},
  author={Nilaksh Das and Madhuri Shanbhogue and Shang-Tse Chen and Fred Hohman and Siwei Li and Li Chen and Michael E. Kounavis and Duen Horng Chau},
  booktitle={KDD},
  year={2018}
}
The rapidly growing body of research in adversarial machine learning has demonstrated that deep neural networks (DNNs) are highly vulnerable to adversarially generated images. This underscores the urgent need for practical defense techniques that can be readily deployed to combat attacks in real-time. Observing that many attack strategies aim to perturb image pixels in ways that are visually imperceptible, we place JPEG compression at the core of our proposed SHIELD defense framework, utilizing…

Key Quantitative Results

  • We conducted extensive, large-scale experiments using the ImageNet dataset, and show that our approaches eliminate up to 98% of gray-box attacks delivered by strong adversarial techniques such as Carlini-Wagner's L2 attack and DeepFool.

Citations

Publications citing this paper.
SHOWING 1-10 OF 21 CITATIONS

The Efficacy of SHIELD under Different Threat Models

CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

CNN to predict visual saliency for single superpixel with local context and global context

Haofeng Li, Guanbin Li, Yizhou Yu
  • 2019
