File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1109/BigData47090.2019.9006090
- Scopus: eid_2-s2.0-85081381101
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Denoising and Verification Cross-Layer Ensemble Against Black-box Adversarial Attacks
| Title | Denoising and Verification Cross-Layer Ensemble Against Black-box Adversarial Attacks |
|---|---|
| Authors | |
| Keywords | adversarial deep learning ensemble defense ensemble diversity robustness |
| Issue Date | 2019 |
| Citation | Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019, 2019, p. 1282-1291 How to Cite? |
| Abstract | Deep neural networks (DNNs) have demonstrated impressive performance on many challenging machine learning tasks. However, DNNs are vulnerable to adversarial inputs generated by adding maliciously crafted perturbations to the benign inputs. As a growing number of attacks have been reported to generate adversarial inputs of varying sophistication, the defense-attack arms race has been accelerated. In this paper, we present MODEF, a cross-layer model diversity ensemble framework. MODEF intelligently combines unsupervised model denoising ensemble with supervised model verification ensemble by quantifying model diversity, aiming to boost the robustness of the target model against adversarial examples. Evaluated using eleven representative attacks on popular benchmark datasets, we show that MODEF achieves remarkable defense success rates, compared with existing defense methods, and provides a superior capability of repairing adversarial inputs and making correct predictions with high accuracy in the presence of black-box attacks. |
| Persistent Identifier | http://hdl.handle.net/10722/343297 |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Chow, Ka Ho | - |
| dc.contributor.author | Wei, Wenqi | - |
| dc.contributor.author | Wu, Yanzhao | - |
| dc.contributor.author | Liu, Ling | - |
| dc.date.accessioned | 2024-05-10T09:07:00Z | - |
| dc.date.available | 2024-05-10T09:07:00Z | - |
| dc.date.issued | 2019 | - |
| dc.identifier.citation | Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019, 2019, p. 1282-1291 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/343297 | - |
| dc.description.abstract | Deep neural networks (DNNs) have demonstrated impressive performance on many challenging machine learning tasks. However, DNNs are vulnerable to adversarial inputs generated by adding maliciously crafted perturbations to the benign inputs. As a growing number of attacks have been reported to generate adversarial inputs of varying sophistication, the defense-attack arms race has been accelerated. In this paper, we present MODEF, a cross-layer model diversity ensemble framework. MODEF intelligently combines unsupervised model denoising ensemble with supervised model verification ensemble by quantifying model diversity, aiming to boost the robustness of the target model against adversarial examples. Evaluated using eleven representative attacks on popular benchmark datasets, we show that MODEF achieves remarkable defense success rates, compared with existing defense methods, and provides a superior capability of repairing adversarial inputs and making correct predictions with high accuracy in the presence of black-box attacks. | - |
| dc.language | eng | - |
| dc.relation.ispartof | Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019 | - |
| dc.subject | adversarial deep learning | - |
| dc.subject | ensemble defense | - |
| dc.subject | ensemble diversity | - |
| dc.subject | robustness | - |
| dc.title | Denoising and Verification Cross-Layer Ensemble Against Black-box Adversarial Attacks | - |
| dc.type | Conference_Paper | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.doi | 10.1109/BigData47090.2019.9006090 | - |
| dc.identifier.scopus | eid_2-s2.0-85081381101 | - |
| dc.identifier.spage | 1282 | - |
| dc.identifier.epage | 1291 | - |