Metamorphic Detection of Adversarial Examples in Deep Learning Models With Affine Transformations
Rohan Reddy Mekala, Gudjon Einar Magnusson, Adam Porter, Mikael Lindvall, Madeline Diep

TL;DR
This paper introduces a metamorphic testing approach using affine transformations to automatically detect imperceptible adversarial examples in deep learning image classifiers, enhancing security in AI applications.
Contribution
It proposes a novel metamorphic testing method based on affine transformations to identify adversarial images with high accuracy, addressing a critical security challenge.
Findings
High detection accuracy for adversarial examples
Effective in identifying imperceptible manipulations
Applicable to safety-critical AI systems
Abstract
Adversarial attacks are small, carefully crafted perturbations, imperceptible to the naked eye, that when added to an image cause deep learning models to misclassify the image with potentially detrimental outcomes. With the rise of artificial intelligence models in consumer safety and security-intensive industries such as self-driving cars, camera surveillance and face recognition, there is a growing need for guarding against adversarial attacks. In this paper, we present an approach that uses metamorphic testing principles to automatically detect such adversarial attacks. The approach can detect image manipulations that are so small that they are impossible to detect by a human through visual inspection. By applying metamorphic relations based on distance ratio preserving affine image transformations which compare the behavior of the original and transformed image, we show that our…
