loading page

Evaluation of Ensemble Learning for Mitigating Adversarial Attacks in Industrial Object Detection
  • +1
  • Shashank Pulijala,
  • Sara Shahin,
  • Tapadhir Das,
  • Raj Mani Shukla
Shashank Pulijala
School of Computing and Information Science, Anglia Ruskin University
Sara Shahin
School of Computing and Information Science, Anglia Ruskin University
Tapadhir Das
Department of Computer Science, University of the Pacific
Raj Mani Shukla
School of Computing and Information Science, Anglia Ruskin University

Corresponding Author:[email protected]

Author Profile


Deep Learning (DL) technology has become ubiquitous in multiple industrial domains, and continuing research and development in this field persists rapidly. One essential application of DL is object detection (OD), which is used for multiple industrial applications. Unfortunately, DL-enabled OD (DLOD) models can fall victim to adversarial attacks. In this paper, we evaluate the effectiveness of using ensemble learning (EL) as a mechanism to defend DLOD models from adversarial attacks in industrial applications. This investigation is structured as a multi-faceted and multi-staged approach that amalgamates both experimental assessments and in-depth analyses. Results indicate that the usage of EL can prevent substantial deterioration in model performance against adversarial samples. This can be attributed to EL's function of relying on high-performing base learners that have good generalization ability on unseen instances. Additionally, we also note that across both industrial OD datasets, the adversarial samples developed on ResNet-50 impacted the performance of ResNet-50 in Figure negatively. However, due to EL having the ability to validate perturbed samples on a wider variety of strong learners, the model achieved higher performance compared to solely ResNet-50. Achieved results indicate that using EL for protecting against adversarial attacks has merit and further investigations in this direction are warranted.
09 May 2024Submitted to TechRxiv
13 May 2024Published in TechRxiv