| Title | Defending Against Adversarial Attacks in Deep Learning with Robust Auxiliary Classifiers Utilizing Bit Plane Slicing |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Liu, Yuan, Zhou, Pingqiang |
| Conference Name | 2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST) |
| Date Published | Dec. 2020 |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-8952-9 |
| Keywords | adversarial defense, bit plane slicing, composability, convolution, Deep Learning, Hardware, Metrics, Neural networks, object oriented security, Perturbation methods, pubcrawl, Resiliency, security, security of neural networks |
| Abstract | Deep Neural Networks (DNNs) have been widely used in variety of fields with great success. However, recent researches indicate that DNNs are susceptible to adversarial attacks, which can easily fool the well-trained DNNs without being detected by human eyes. In this paper, we propose to combine the target DNN model with robust bit plane classifiers to defend against adversarial attacks. It comes from our finding that successful attacks generate imperceptible perturbations, which mainly affects the low-order bits of pixel value in clean images. Hence, using bit planes instead of traditional RGB channels for convolution can effectively reduce channel modification rate. We conduct experiments on dataset CIFAR-10 and GTSRB. The results show that our defense method can effectively increase the model accuracy on average from 8.72% to 85.99% under attacks on CIFAR-10 without sacrificina accuracy of clean images. |
| URL | https://ieeexplore.ieee.org/document/9358268 |
| DOI | 10.1109/AsianHOST51057.2020.9358268 |
| Citation Key | liu_defending_2020 |
Defending Against Adversarial Attacks in Deep Learning with Robust Auxiliary Classifiers Utilizing Bit Plane Slicing