# Combatting Adversarial Attacks through Denoising and Dimensionality Reduction: A Cascaded Autoencoder Approach

**Authors:** Rajeev Sahay, Rehana Mahfuz, Aly El Gamal

arXiv: 1812.03087 · 2018-12-10

## TL;DR

This paper introduces a cascaded autoencoder approach that denoises and reduces the dimensionality of input data to defend machine learning models against gradient-based adversarial attacks, significantly improving robustness.

## Contribution

It presents a novel autoencoder-based pipeline combining denoising and dimensionality reduction to enhance adversarial robustness of classifiers.

## Key findings

- Improved classifier accuracy against the Fast Gradient Sign attack.
- Effective mitigation of adversarial perturbations through the cascaded preprocessing.
- Enhanced robustness across different perturbation bounds.

## Abstract

Machine learning models are vulnerable to adversarial attacks that rely on perturbing the input data. This work proposes a novel strategy using autoencoder deep neural networks to defend a machine learning model against two gradient-based attacks: the Fast Gradient Sign attack and the Fast Gradient attack. First, we use an autoencoder, trained on both clean and corrupted data, to denoise the test data. Then, we reduce the dimension of the denoised data using the hidden-layer representation of another autoencoder. We perform this experiment for multiple values of the bound on the adversarial perturbation, and consider different numbers of reduced dimensions. When the test data is preprocessed using this cascaded pipeline, the tested deep neural network classifier yields a much higher accuracy, thus mitigating the effect of the adversarial perturbation.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1812.03087/full.md

## Figures

8 figures with captions in the complete paper: https://tomesphere.com/paper/1812.03087/full.md

## References

15 references — full list in the complete paper: https://tomesphere.com/paper/1812.03087/full.md

---
Source: https://tomesphere.com/paper/1812.03087