Adversarial Examples Detection and Analysis with Layer-wise Autoencoders
Bartosz W\'ojcik, Pawe{\l} Morawiecki, Marek \'Smieja, Tomasz, Krzy\.zek, Przemys{\l}aw Spurek, Jacek Tabor
TL;DR
This paper introduces a layer-wise autoencoder approach to detect adversarial examples by analyzing data representations within neural network layers, providing improved detection performance and insights into adversarial behavior.
Contribution
The paper proposes a novel method using autoencoders at intermediate layers to identify adversarial examples and analyze their flow through neural networks.
Findings
Outperforms existing methods in detection accuracy
Provides insights into adversarial example propagation
Effective in both supervised and unsupervised scenarios
Abstract
We present a mechanism for detecting adversarial examples based on data representations taken from the hidden layers of the target network. For this purpose, we train individual autoencoders at intermediate layers of the target network. This allows us to describe the manifold of true data and, in consequence, decide whether a given example has the same characteristics as true data. It also gives us insight into the behavior of adversarial examples and their flow through the layers of a deep neural network. Experimental results show that our method outperforms the state of the art in supervised and unsupervised settings.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications