Classification Score Approach for Detecting Adversarial Example in Deep Neural Network

Cited 7 time in webofscience Cited 0 time in scopus
  • Hit : 178
  • Download : 42
DC FieldValueLanguage
dc.contributor.authorKwon, Hyunko
dc.contributor.authorKim, Yongchulko
dc.contributor.authorYoon, Hyunsooko
dc.contributor.authorChoi, Daeseonko
dc.date.accessioned2021-03-30T04:50:21Z-
dc.date.available2021-03-30T04:50:21Z-
dc.date.created2020-11-04-
dc.date.issued2021-03-
dc.identifier.citationMULTIMEDIA TOOLS AND APPLICATIONS, v.80, no.7, pp.10339 - 10360-
dc.identifier.issn1380-7501-
dc.identifier.urihttp://hdl.handle.net/10203/282221-
dc.description.abstractDeep neural networks (DNNs) provide superior performance on machine learning tasks such as image recognition, speech recognition, pattern analysis, and intrusion detection. However, an adversarial example, created by adding a little noise to an original sample, can cause misclassification by a DNN. This is a serious threat to the DNN because the added noise is not detected by the human eye. For example, if an attacker modifies a right-turn sign so that it misleads to the left, autonomous vehicles with the DNN will incorrectly classify the modified sign as pointing to the left, but a person will correctly classify the modified sign as pointing to the right. Studies are under way to defend against such adversarial examples. The existing method of defense against adversarial examples requires an additional process such as changing the classifier or modifying input data. In this paper, we propose a new method for detecting adversarial examples that does not invoke any additional process. The proposed scheme can detect adversarial examples by using a pattern feature of the classification scores of adversarial examples. We used MNIST and CIFAR10 as experimental datasets and Tensorflow as a machine learning library. The experimental results show that the proposed method can detect adversarial examples with success rates: 99.05% and 99.9% for the untargeted and targeted cases in MNIST, respectively, and 94.7% and 95.8% for the untargeted and targeted cases in CIFAR10, respectively.-
dc.languageEnglish-
dc.publisherSPRINGER-
dc.titleClassification Score Approach for Detecting Adversarial Example in Deep Neural Network-
dc.typeArticle-
dc.identifier.wosid000591261400001-
dc.identifier.scopusid2-s2.0-85096388791-
dc.type.rimsART-
dc.citation.volume80-
dc.citation.issue7-
dc.citation.beginningpage10339-
dc.citation.endingpage10360-
dc.citation.publicationnameMULTIMEDIA TOOLS AND APPLICATIONS-
dc.identifier.doi10.1007/s11042-020-09167-z-
dc.contributor.localauthorYoon, Hyunsoo-
dc.contributor.nonIdAuthorKwon, Hyun-
dc.contributor.nonIdAuthorKim, Yongchul-
dc.contributor.nonIdAuthorChoi, Daeseon-
dc.description.isOpenAccessY-
dc.type.journalArticleArticle-
dc.subject.keywordAuthorDeep neural network-
dc.subject.keywordAuthorEvasion attack-
dc.subject.keywordAuthorAdversarial example-
dc.subject.keywordAuthorMachine learning-
dc.subject.keywordAuthorDetection method-
dc.subject.keywordAuthorClassification score-
This item is cited by other documents in WoS
⊙ Detail Information in WoSⓡ Click to see webofscience_button
⊙ Cited 7 items in WoS Click to see citing articles in records_button

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0