Training Ensembles to Detect Adversarial Examples
2017-12-11Code Available0· sign in to hype
Alexander Bagnall, Razvan Bunescu, Gordon Stewart
Code Available — Be the first to reproduce this paper.
ReproduceCode
- github.com/bagnalla/ensemble_detect_advOfficialIn papertf★ 0
Abstract
We propose a new ensemble method for detecting and classifying adversarial examples generated by state-of-the-art attacks, including DeepFool and C&W. Our method works by training the members of an ensemble to have low classification error on random benign examples while simultaneously minimizing agreement on examples outside the training distribution. We evaluate on both MNIST and CIFAR-10, against oblivious and both white- and black-box adversaries.