Enhanced Local Gradient Smoothing: Approaches to Attacked-region Identification and Defense

Cheng You-Wei, Wang Sheng-De

2022

Abstract

Mainstream deep learning algorithms have been shown to be vulnerable to adversarial attacks: deep models can be misled by adding small, unnoticeable perturbations to the original input image. These attacks could pose security challenges in real-world applications. This paper focuses on how to defend against an adversarial patch attack, which confines such noise within a small, localized patch area. We discuss how an adversarial sample affects the classifier output from the perspective of a deep model by visualizing its saliency map. Building on our baseline method, Local Gradients Smoothing, we further design two methods, called Saliency-map-based Local Gradients Smoothing and Weighted Local Gradients Smoothing, which integrate saliency maps with local gradient maps to accurately locate a possible attacked region and perform smoothing accordingly. Experimental results show that our proposed method could reduce the probability of false smoothing and increase the overall accuracy significantly.


Paper Citation


in Harvard Style

You-Wei C. and Sheng-De W. (2022). Enhanced Local Gradient Smoothing: Approaches to Attacked-region Identification and Defense. In Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART, ISBN 978-989-758-547-0, pages 254-263. DOI: 10.5220/0010825400003116


in Bibtex Style

@conference{icaart22,
author={Cheng You-Wei and Wang Sheng-De},
title={Enhanced Local Gradient Smoothing: Approaches to Attacked-region Identification and Defense},
booktitle={Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,},
year={2022},
pages={254-263},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010825400003116},
isbn={978-989-758-547-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,
TI - Enhanced Local Gradient Smoothing: Approaches to Attacked-region Identification and Defense
SN - 978-989-758-547-0
AU - You-Wei C.
AU - Sheng-De W.
PY - 2022
SP - 254
EP - 263
DO - 10.5220/0010825400003116