# Defending Against Adversarial Iris Examples Using Wavelet Decomposition

**Authors:** Sobhan Soleymani, Ali Dabouei, Jeremy Dawson, Nasser M. Nasrabadi

arXiv: 1908.03176 · 2019-08-09

## TL;DR

This paper introduces three wavelet-based defense strategies to detect and mitigate adversarial iris examples, enhancing biometric security against carefully crafted attacks.

## Contribution

It proposes novel wavelet domain denoising methods for adversarial iris detection, outperforming five existing defense strategies.

## Key findings

- Effective detection of adversarial iris examples
- Outperforms existing defense strategies in tests
- Robust against multiple attack scenarios

## Abstract

Deep neural networks have presented impressive performance in biometric applications. However, their performance is highly at risk when facing carefully crafted input samples known as adversarial examples. In this paper, we present three defense strategies to detect adversarial iris examples. These defense strategies are based on wavelet domain denoising of the input examples by investigating each wavelet sub-band and removing the sub-bands that are most affected by the adversary. The first proposed defense strategy reconstructs multiple denoised versions of the input example through manipulating the mid- and high-frequency components of the wavelet domain representation of the input example and makes a decision upon the classification result of the majority of the denoised examples. The second and third proposed defense strategies aim to denoise each wavelet domain sub-band and determine the sub-bands that are most likely affected by the adversary using the reconstruction error computed for each sub-band. We test the performance of the proposed defense strategies against several attack scenarios and compare the results with five state of the art defense strategies.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1908.03176/full.md

## Figures

4 figures with captions in the complete paper: https://tomesphere.com/paper/1908.03176/full.md

## References

42 references — full list in the complete paper: https://tomesphere.com/paper/1908.03176/full.md

---
Source: https://tomesphere.com/paper/1908.03176