University of Cagliari
Detecting adversarial examples through nonlinear dimensionality reduction
Biggio B.
2019-01-01
Abstract
Deep neural networks are vulnerable to adversarial examples, i.e., carefully-perturbed inputs aimed to mislead classification. This work proposes a detection method based on combining non-linear dimensionality reduction and density estimation techniques. Our empirical findings show that the proposed approach is able to effectively detect adversarial examples crafted by non-adaptive attackers, i.e., not specifically tuned to bypass the detection method. Given our promising results, we plan to extend our analysis to adaptive attackers in future work.
Files in This Item:
| File | Size | Format | |
|---|---|---|---|
| crecchi19-esann.pdf open access
Type: versione pre-print
Size 552.39 kB
Format Adobe PDF
|
552.39 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.