APE-GAN: Adversarial Perturbation Elimination with GAN
Shiwei Shen, Guoqing Jin, Ke Gao, Yongdong Zhang
TL;DR
This paper introduces APE-GAN, a generative adversarial network-based framework designed to effectively eliminate adversarial perturbations in images, thereby enhancing the robustness of neural networks against various adversarial attacks.
Contribution
The paper proposes a novel APE-GAN framework that significantly improves defense against adversarial examples across multiple datasets and attack methods.
Findings
Effective resistance to five different adversarial attacks
Successful application on MNIST, CIFAR10, and ImageNet datasets
Outperforms existing defense methods in experiments
Abstract
Although neural networks could achieve state-of-the-art performance while recongnizing images, they often suffer a tremendous defeat from adversarial examples--inputs generated by utilizing imperceptible but intentional perturbation to clean samples from the datasets. How to defense against adversarial examples is an important problem which is well worth researching. So far, very few methods have provided a significant defense to adversarial examples. In this paper, a novel idea is proposed and an effective framework based Generative Adversarial Nets named APE-GAN is implemented to defense against the adversarial examples. The experimental results on three benchmark datasets including MNIST, CIFAR10 and ImageNet indicate that APE-GAN is effective to resist adversarial examples generated from five attacks.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning