Detecting adversarial examples through nonlinear dimensionality reduction

Biggio B.
2019-01-01

Abstract

Deep neural networks are vulnerable to adversarial examples, i.e., carefully-perturbed inputs aimed to mislead classification. This work proposes a detection method based on combining non-linear dimensionality reduction and density estimation techniques. Our empirical findings show that the proposed approach is able to effectively detect adversarial examples crafted by non-adaptive attackers, i.e., not specifically tuned to bypass the detection method. Given our promising results, we plan to extend our analysis to adaptive attackers in future work.
2019
English
ESANN 2019 - Proceedings, 27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning
ESANN (i6doc.com)
483
488
6
https://www.elen.ucl.ac.be/esann/proceedings/papers.php?ann=2019
27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning, ESANN 2019
Anonymous experts
24-26 April 2019
Bruges, Belgium
scientific
no
4 Contribution in Conference Proceedings (Proceeding)::4.1 Contribution in conference proceedings
Crecchi, F.; Bacciu, D.; Biggio, B.
273
3
4.1 Contribution in conference proceedings
open
info:eu-repo/semantics/conferencePaper
Files in this item:
File Size Format
crecchi19-esann.pdf

open access

Type: pre-print version
Size 552.39 kB
Format Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
