# On Configurable Defense against Adversarial Example Attacks

**Authors:** Bo Luo, Min Li, Yu Li, Qiang Xu

arXiv: 1812.02737 · 2018-12-10

## TL;DR

This paper introduces a configurable defense mechanism for deep neural networks that allows tuning robustness against various targeted adversarial attacks by refining the loss function with an attack-sensitive matrix, demonstrated on CIFAR-10 and GTSRB datasets.

## Contribution

The work presents a novel, flexible defense approach that adjusts robustness levels against targeted attacks by incorporating an attack-sensitive matrix into the DNN loss function.

## Key findings

- Effective in tuning robustness against targeted attacks
- Demonstrated on CIFAR-10 and GTSRB datasets
- Improves defense customization for different application needs

## Abstract

Machine learning systems based on deep neural networks (DNNs) have gained mainstream adoption in many applications. Recently, however, DNNs have been shown to be vulnerable to adversarial example attacks with slight perturbations on the inputs. Existing defense mechanisms against such attacks try to improve the overall robustness of the system, but they do not differentiate different targeted attacks even though the corresponding impacts may vary significantly. To tackle this problem, we propose a novel configurable defense mechanism in this work, wherein we are able to flexibly tune the robustness of the system against different targeted attacks to satisfy application requirements. This is achieved by refining the DNN loss function with an attack-sensitive matrix to represent the impacts of different targeted attacks. Experimental results on CIFAR-10 and GTSRB data sets demonstrate the efficacy of the proposed solution.

## Figures

13 figures with captions in the complete paper: https://tomesphere.com/paper/1812.02737/full.md

## References

25 references — full list in the complete paper: https://tomesphere.com/paper/1812.02737/full.md

---
Source: https://tomesphere.com/paper/1812.02737