网络与信息安全学报 (Chinese Journal of Network and Information Security), Feb 2020

Adversarial examples detection method based on boundary values invariants

  • YAN Fei, ZHANG Minglun, ZHANG Liqiang

DOI
https://doi.org/10.11959/j.issn.2096-109x.2020012
Journal volume & issue
Vol. 6, no. 1
pp. 28–35

Abstract

Nowadays, deep learning has become one of the most widely studied and applied technologies in the computer field. Deep neural networks (DNNs) have achieved remarkable success in many applications such as image recognition, speech recognition, self-driving, and text translation. However, deep neural networks are vulnerable to adversarial examples, which are generated by perturbing correctly classified inputs so as to make DNN models misbehave. Inspired by the boundary checks used in traditional programs, a method was proposed that finds invariants in a deep neural network by fitting their distribution and uses these invariants to detect adversarial examples. The selection of the training set does not depend on any particular adversarial examples. Experimental results show that the proposed method can effectively detect current adversarial example attacks on the LeNet and VGG19 models with the MNIST and CIFAR-10 datasets, and has a low false positive rate.
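
As an illustration, the sketch below shows one way such a boundary-value invariant check might work. It is a minimal Python/NumPy mock-up under assumed details that the abstract does not specify: the invariants are taken to be per-neuron activation intervals (mean ± k standard deviations) fitted on benign data, and the threshold max_violations as well as the names fit_invariants and is_adversarial are hypothetical, not the paper's actual formulation.

    # Hypothetical sketch: boundary-value invariants as per-neuron activation
    # ranges fitted on benign data; an input is flagged as adversarial when
    # too many of its activations fall outside those ranges.
    import numpy as np

    def fit_invariants(benign_activations, k=3.0):
        # benign_activations: shape (n_samples, n_neurons), e.g. one hidden
        # layer's outputs collected over the benign training set.
        # k: interval width in standard deviations (an assumed choice).
        mean = benign_activations.mean(axis=0)
        std = benign_activations.std(axis=0)
        return mean - k * std, mean + k * std

    def is_adversarial(activations, low, high, max_violations=5):
        # Count per-neuron invariant violations for one input's activations.
        violations = np.count_nonzero((activations < low) | (activations > high))
        return violations > max_violations

    # Usage with random stand-in data (real use would hook a DNN layer):
    rng = np.random.default_rng(0)
    benign = rng.normal(size=(1000, 128))      # benign-layer activations
    low, high = fit_invariants(benign, k=3.0)
    suspect = rng.normal(loc=4.0, size=128)    # out-of-distribution sample
    print(is_adversarial(suspect, low, high))  # likely True

Because the bounds are fitted only on benign data, this kind of detector needs no adversarial examples at training time, which matches the abstract's claim that the training-set selection is independent of the attacks.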

Keywords