Please use this identifier to cite or link to this item:
Title: Trace and detect adversarial attacks on CNNs using feature response maps
Authors : Amirian, Mohammadreza
Schwenker, Friedhelm
Stadelmann, Thilo
Proceedings: Proceedings of the 8th IAPR TC3 Workshop on Artificial Neural Networks in Pattern Recognition (ANNPR)
Conference details: 8th IAPR TC3 Workshop on Artificial Neural Networks in Pattern Recognition (ANNPR), Siena, Italy, September 19–21, 2018
Publisher / Ed. Institution : IAPR
Issue Date: Sep-2018
License (according to publishing contract) : Licence according to publishing contract
Type of review: Peer review (Publication)
Language : English
Subjects : Model interpretability; Feature visualization; Diagnostic
Subject (DDC) : 005: Computer programming, programs and data
Abstract: The existence of adversarial attacks on convolutional neural networks (CNN) questions the fitness of such models for serious applications. The attacks manipulate an input image such that misclassification is evoked while still looking normal to a human observer—they are thus not easily detectable. In a different context, backpropagated activations of CNN hidden layers—“feature responses” to a given input—have been helpful to visualize for a human “debugger” what the CNN “looks at” while computing its output. In this work, we propose a novel detection method for adversarial examples to prevent attacks. We do so by tracking adversarial perturbations in feature responses, allowing for automatic detection using average local spatial entropy. The method does not alter the original network architecture and is fully human-interpretable. Experiments confirm the validity of our approach for state-of-the-art attacks on large-scale models trained on ImageNet.
Departement: School of Engineering
Organisational Unit: Institute of Applied Information Technology (InIT)
Publication type: Conference Paper
DOI : 10.21256/zhaw-3863
Published as part of the ZHAW project : QualitAI - Quality control of industrial products via deep learning on images
Appears in Collections:Publikationen School of Engineering

Files in This Item:
File Description SizeFormat 
ANNPR_2018c.pdf2.95 MBAdobe PDFThumbnail

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.