A Generative Model based Adversarial Security of Deep Learning and Linear Classifier Models

TL;DR

This paper proposes a mitigation method using autoencoder generative models to defend against adversarial attacks on deep learning and linear classifiers, evaluating performance on MNIST.

Contribution

It introduces a novel autoencoder-based defense mechanism against adversarial attacks across various machine learning models.

Findings

Autoencoder models effectively mitigate adversarial attacks.

The method performs well against multiple attack types.

Results demonstrate improved robustness of models.

Abstract

In recent years, machine learning algorithms have been applied widely in various fields such as health, transportation, and the autonomous car. With the rapid developments of deep learning techniques, it is critical to take the security concern into account for the application of the algorithms. While machine learning offers significant advantages in terms of the application of algorithms, the issue of security is ignored. Since it has many applications in the real world, security is a vital part of the algorithms. In this paper, we have proposed a mitigation method for adversarial attacks against machine learning models with an autoencoder model that is one of the generative ones. The main idea behind adversarial attacks against machine learning models is to produce erroneous results by manipulating trained models. We have also presented the performance of autoencoder models to various attack methods from deep neural networks to traditional algorithms by using different methods such as non-targeted and targeted attacks to multi-class logistic regression, a fast gradient sign method, a targeted fast gradient sign method and a basic iterative method attack to neural networks for the MNIST dataset.