Conference Proceedings

Defense Against Universal Adversarial Perturbations

N Akhtar, J Liu, A Mian

Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition | IEEE | Published : 2018

DOI: 10.1109/CVPR.2018.00357

Abstract

Recent advances in Deep Learning show the existence of image-agnostic quasi-imperceptible perturbations that when applied to 'any' image can fool a state-of-the-art network classifier to change its prediction about the image label. These 'Universal Adversarial Perturbations' pose a serious threat to the success of Deep Learning in practice. We present the first dedicated framework to effectively defend the networks against such perturbations. Our approach learns a Perturbation Rectifying Network (PRN) as 'pre-input' layers to a targeted model, such that the targeted model needs no modification. The PRN is learned from real and synthetic image-agnostic perturbations, where an efficient method..

View full abstract

University of Melbourne Researchers

Grants

Awarded by ARC

Funding Acknowledgements

This research was supported by ARC grant DP160101458. The Titan Xp used for this research was donated by NVIDIA Corporation.

Citation metrics

175Scopus
117Web of Science
177Dimensions

Keywords

4611 Machine Learning
Machine Learning and Artificial Intelligence
Science & Technology
Computer Science
Technology
46 Information and Computing Sciences
Networking and Information Technology R&d (nitrd)
Computer Science, Artificial Intelligence