دورية أكاديمية
Ally patches for spoliation of adversarial patches
| العنوان: | Ally patches for spoliation of adversarial patches |
|---|---|
| المؤلفون: | Alaa E. Abdel-Hakim |
| المصدر: | Journal of Big Data, Vol 6, Iss 1, Pp 1-14 (2019) |
| بيانات النشر: | SpringerOpen, 2019. |
| سنة النشر: | 2019 |
| المجموعة: | LCC:Computer engineering. Computer hardware LCC:Information technology LCC:Electronic computers. Computer science |
| مصطلحات موضوعية: | Adversarial patches, Ally patches, CNN, Deep neural networks, Computer engineering. Computer hardware, TK7885-7895, Information technology, T58.5-58.64, Electronic computers. Computer science, QA75.5-76.95 |
| الوصف: | Abstract Adversarial attacks represent a serious evolving threat to the operation of deep neural networks. Recently, adversarial algorithms were developed to facilitate hallucination of deep neural networks for ordinary attackers. State-of-the-arts algorithms could generate offline printable adversarial patches that can be interspersed within fields of view of the capturing cameras in an innocently unnoticeable action. In this paper, we propose an algorithm to ravage the operation of these adversarial patches. The proposed algorithm uses intrinsic information contents of the input image to extract a set of ally patches. The extracted patches break the salience of the attacking adversarial patch to the network. To our knowledge, this is the first time to address the defense problem against such kinds of adversarial attacks by counter-processing the input image in order to ravage the effect of any possible adversarial patches. The classification decision is taken according to a late-fusion strategy applied to the independent classifications generated by the extracted patch alliance. Evaluation experiments were conducted on the 1000 classes of the ILSVRC benchmark. Different convolutional neural network models and varying-scale adversarial patches were used in the experimentation. Evaluation results showed the effectiveness of the proposed ally patches in reducing the success rates of adversarial patches. |
| نوع الوثيقة: | article |
| وصف الملف: | electronic resource |
| اللغة: | English |
| تدمد: | 2196-1115 |
| Relation: | http://link.springer.com/article/10.1186/s40537-019-0213-4; https://doaj.org/toc/2196-1115 |
| DOI: | 10.1186/s40537-019-0213-4 |
| URL الوصول: | https://doaj.org/article/2732fb83c6ec411fbd8d9e5122c22604 |
| رقم الأكسشن: | edsdoj.2732fb83c6ec411fbd8d9e5122c22604 |
| قاعدة البيانات: | Directory of Open Access Journals |
Find this article in full text from Springer Verlag. 
Full Text Finder | تدمد: | 21961115 |
|---|---|
| DOI: | 10.1186/s40537-019-0213-4 |