An integrated Auto Encoder-Block Switching defense approach to prevent adversarial attacks
Anirudh Yadav, Ashutosh Upadhyay, S. Sharanya
Code:
- github.com/anirudh9784/Adversarial-Attacks-and-Defences (official, PyTorch, 21 stars)
- github.com/anirudh9784/Adversarial-Defense (TensorFlow, 21 stars)
Abstract
According to recent studies, the vulnerability of state-of-the-art neural networks to adversarial input samples has increased drastically. A neural network is a technique by which a computer learns to perform tasks using machine learning algorithms. Machine learning and artificial intelligence models have become a fundamental part of everyday life, for example in self-driving cars [1] and smart home devices, so any vulnerability is a significant concern. The smallest input deviations can fool these extremely literal systems and deceive their users as well as administrators into precarious situations. This article proposes a defense algorithm that combines an auto-encoder [3] with a block-switching architecture. The auto-encoder is intended to remove any perturbations found in input images, whereas the block-switching method is used to make the model more robust against white-box attacks. The attack is carried out with the FGSM [9] method, and the proposed architecture's defense against it demonstrates the feasibility and security delivered by the algorithm.
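To illustrate the two mechanisms the abstract combines, here is a small added example (written for this page; it is not the paper's code nor the code in the linked repositories). It uses three logistic "blocks" that give identical scores on clean data but have different weight vectors, an FGSM perturbation crafted against one of them, and a fixed linear auto-encoder that projects inputs back onto the clean-data manifold. The 1-D manifold, the block weights, the auto-encoder weights and the step size are all constructed assumptions chosen so the effects are visible on a few lines of pure Python.

```python
import math
import random

# Constructed toy setting (an assumption of this example, not the paper's data):
# clean inputs lie on a 1-D manifold x = t * U inside R^4, labelled 1 if t > 0 else 0.
U = [0.5, 0.5, 0.5, 0.5]

# Three classifier "blocks": logistic units that all score 2t on clean data but
# have different weight vectors, so the gradient taken through one block does not
# describe the others. Stand-in for the paper's parallel blocks (assumption).
BLOCKS = [
    [3.0, 1.0, -1.0, 1.0],
    [2.0, 0.0, 2.0, 0.0],
    [0.0, 3.0, 0.0, 1.0],
]


def dot(a, b):
    return sum(ai * bi for ai, bi in zip(a, b))


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def predict(block, x):
    """Class decision of one block: 1 if its logit is positive, else 0."""
    return 1 if dot(block, x) > 0 else 0


def fgsm(block, x, y, eps):
    """FGSM step against one block: x + eps * sign(d loss / d x).
    For a logistic unit with cross-entropy loss, d loss / d x = (sigmoid(w.x) - y) * w."""
    p = sigmoid(dot(block, x))
    grad = [(p - y) * w for w in block]
    sign = lambda g: (g > 0) - (g < 0)
    return [xi + eps * sign(g) for xi, g in zip(x, grad)]


def autoencode(x):
    """Linear auto-encoder with fixed weights (assumption: not trained here):
    encode x to its manifold coordinate t = U.x, decode back to t * U.
    Any perturbation component orthogonal to the clean-data manifold is discarded."""
    t = dot(U, x)
    return [t * ui for ui in U]


def clean_sample(t):
    return [t * ui for ui in U], (1 if t > 0 else 0)


def evaluate(eps=0.4, steps=25, seed=0):
    """Attack block 0 with FGSM (white-box with respect to that block only) and
    measure accuracy for each block alone, for random block switching, and for
    auto-encoder purification followed by block switching."""
    rng = random.Random(seed)
    # Deterministic grid of clean inputs with |t| in [0.5, 1.0], both classes.
    ts = [s * (0.5 + 0.5 * k / (steps - 1)) for k in range(steps) for s in (1, -1)]
    n = len(ts)
    clean_ok = 0
    per_block_ok = [0] * len(BLOCKS)
    switch_ok = 0
    ae_switch_ok = 0
    for t in ts:
        x, y = clean_sample(t)
        clean_ok += predict(BLOCKS[0], x) == y
        x_adv = fgsm(BLOCKS[0], x, y, eps)
        for i, block in enumerate(BLOCKS):
            per_block_ok[i] += predict(block, x_adv) == y
        # Block switching: a randomly chosen block answers this query.
        switch_ok += predict(rng.choice(BLOCKS), x_adv) == y
        # Integrated defense: purify with the auto-encoder, then block switching.
        ae_switch_ok += predict(rng.choice(BLOCKS), autoencode(x_adv)) == y
    return {
        "clean_accuracy": clean_ok / n,
        "fgsm_accuracy_per_block": [ok / n for ok in per_block_ok],
        "fgsm_accuracy_block_switching": switch_ok / n,
        "fgsm_accuracy_autoencoder_block_switching": ae_switch_ok / n,
    }


if __name__ == "__main__":
    for name, value in evaluate().items():
        print(f"{name}: {value}")
```

Run as a script, the attacked block falls to zero accuracy on the perturbed inputs, the other two blocks are affected to different degrees (one is untouched because its weights are orthogonal to the perturbation, one loses some inputs), so block switching alone recovers roughly half the queries. The auto-encoder restores full accuracy because the FGSM step leaves the clean-data manifold and the projection throws that component away; in the paper's setting a trained auto-encoder plays the role of this projection, and block switching denies a white-box attacker a single fixed gradient to follow.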
Benchmark Results
| Dataset | Model | Metric | Claimed | Verified | Status |
|---|---|---|---|---|---|
| miniImageNet | Auto Encoder-Block Switching defense with GradCAM | Accuracy | 88.54 | — | Unverified |