Spartan Networks: Self-Feature-Squeezing Networks for Increased Robustness in Adversarial Settings
Title | Spartan Networks: Self-Feature-Squeezing Networks for Increased Robustness in Adversarial Settings |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Menet, François, Berthier, Paul, Gagnon, Michel, Fernandez, José M. |
Conference Name | Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security |
Date Published | October 2018 |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-5693-0 |
Keywords | adversarial ai, AI, AI and Privacy, artificial intelligence, Artificial neural networks, Computational Intelligence, cybersecurity, Human Behavior, human factors, privacy, pubcrawl, resilience, Resiliency, Scalability |
Abstract | Deep Learning Models are vulnerable to adversarial inputs, samples modified in order to maximize error of the system. We hereby introduce Spartan Networks, Deep Learning models that are inherently more resistant to adversarial examples, without doing any input preprocessing out of the network or adversarial training. These networks have an adversarial layer within the network designed to starve the network of information, using a new activation function to discard data. This layer trains the neural network to filter-out usually-irrelevant parts of its input. These models thus have a slightly lower precision, but report a higher robustness under attack than unprotected models. |
URL | https://dl.acm.org/doi/10.1145/3243734.3278486 |
DOI | 10.1145/3243734.3278486 |
Citation Key | menetSpartanNetworksSelfFeatureSqueezing2018 |