FUNN: Flexible Unsupervised Neural Network
Résumé
Deep neural networks have shown high accuracy incomputer vision tasks. However, they are known to beweak against adversarial examples. A small perturbationin the image can change the classification dramatically. Inrecent years, several defences methods have been proposedto solve the issue in the context of supervised classificationtasks.We propose a method to find robust featuresagainst adversarial attacks in the context of unsupervisedlearning. Our method differs from existing solutions bydirectly learning the robust features without projecting the adversarial examples in the original distribution space.Afirst auto-encoder, called attacker, perturbs the input imagein order to fool a second auto-encoder, called defender,which tries to regenerate the original image.The goal ofthe attacker is to perturb images as little as possible whileguaranteeing that the reconstructed images will be at a givendistance from the original images.After such training, weextract from the defender an encoder that should be robustagainst adversarial attacks. Using state-of-art network architectures, we demonstrate the robustness of the features obtained by this method in classification tasks
Domaines
Intelligence artificielle [cs.AI]
Origine : Fichiers produits par l'(les) auteur(s)
Loading...