On Reducing Adversarial Vulnerability with Data Dependent Stochastic Resonance

David Schwartz, Gregory Ditzler

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Neural networks are vulnerable to adversarial attacks formed by minuscule perturbations to the original data. These perturbations lead to significant performance degradation. Previous works on defenses against adversarial evasion attacks typically involve pre-processing input data at training or testing time, or modifications to the objective function optimized during the training. In contrast, relatively fewer defense methods focus on modifying the topology and functionality of the underlying defended neural network. Additionally, prior theoretical examinations of the geometry of adversarial examples reveal a challenging and intrinsic trade-off between adversarial and benign accuracy. We introduce a novel modification to a traditional feed-forward convolutional neural network that embeds uncertainty within the network's hidden representations in a learned and data-dependent manner. Our proposed alteration renders the network significantly more resilient than comparably computationally expensive alternatives. Further, the empirical investigation of the proposed defense demonstrates that, unlike prior defense techniques that are comparable to state-of-the-art, the stochastic resonance effect improves adversarial accuracy without significant degradation in benign accuracy.

Original language: English (US)
Title of host publication: Proceedings of the 2022 IEEE Symposium Series on Computational Intelligence, SSCI 2022
Editors: Hisao Ishibuchi, Chee-Keong Kwoh, Ah-Hwee Tan, Dipti Srinivasan, Chunyan Miao, Anupam Trivedi, Keeley Crockett
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 1334-1341
Number of pages: 8
ISBN (Electronic): 9781665487689
State: Published - 2022
Externally published: Yes
Event: 2022 IEEE Symposium Series on Computational Intelligence, SSCI 2022 - Singapore, Singapore
Duration: Dec 4 2022 – Dec 7 2022

Publication series

Name: Proceedings of the 2022 IEEE Symposium Series on Computational Intelligence, SSCI 2022

Conference

Conference: 2022 IEEE Symposium Series on Computational Intelligence, SSCI 2022
Country/Territory: Singapore
City: Singapore
Period: 12/4/22 – 12/7/22

Keywords

  • FGSM
  • adversarial defense
  • regularization
  • robustness

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Science Applications
  • Decision Sciences (miscellaneous)
  • Computational Mathematics
  • Control and Optimization
  • Transportation
