Machine Beats Machine: Machine Learning Models to Defend Against Adversarial Attacks
Jože M. Rožanec, Dimitrios Papamartzivanos, Entso Veliou, Theodora Anastasiou, Jelle Keizer, Blaž Fortuna, and Dunja Mladenić

TL;DR
This paper introduces a two-layer machine learning approach to detect and defend against adversarial attacks, utilizing clustering algorithms like DBSCAN for improved detection accuracy.
Contribution
It presents a novel two-layer deployment framework and explores multiple feature sets and datasets, highlighting clustering algorithms' effectiveness in adversarial attack detection.
Findings
Clustering algorithms, especially DBSCAN, show promising results in detecting tampered data.
Using structural similarity index measures enhances detection performance.
The proposed method effectively distinguishes between tampered and genuine data in various datasets.
Abstract
We propose using a two-layered deployment of machine learning models to prevent adversarial attacks. The first layer determines whether the data was tampered with, while the second layer solves a domain-specific problem. We explore three sets of features and three dataset variations to train machine learning models. Our results show that clustering algorithms achieved promising results. In particular, we consider that the best results were obtained by applying the DBSCAN algorithm to the structured structural similarity index measure computed between the images and a white reference image.
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications · Digital Media Forensic Detection
