TechRxiv
RADNN__Robust_to_adversarial_attacks_Deep_NN (7).pdf (948.29 kB)

RADNN: ROBUST TO IMPERCEPTIBLE ADVERSARIAL ATTACKS DEEP NEURAL NETWORK

Download (948.29 kB)
preprint
posted on 2021-10-04, 22:55 authored by Eduardo SoaresEduardo Soares, plamen angelov
This paper presents the RADNN algorithm. The RADNN is a robust to imperceptible adversarial attack algorithm that uses the concept of data density and similarities to detect attacks on real-time. Differently from traditional deep learnings that need be trained on the attacks to be able to detect, RADNN has a mechanism that detects data patterns changes. In order to evaluate the proposed method, we considered the PerC attacks and a 1000 images from the Imagenet dataset. The RADNN could correctly identify 97.2% of the attacks.

History

Email Address of Submitting Author

e.almeidasoares@lancaster.ac.uk

ORCID of Submitting Author

0000-0002-2634-8270

Submitting Author's Institution

Lancaster University

Submitting Author's Country

  • United Kingdom

Usage metrics

    Categories

    Keywords

    Adversarial attacksExplainable AIHuman-interpretable rulesprototype-based approach

    Licence

    CC BY 4.0

    Exports