Defense Against Adversarial Attacks using Convolutional Auto-Encoders

TL;DR

This paper proposes a convolutional autoencoder-based method to improve the robustness of deep learning classifiers against adversarial attacks by restoring perturbed inputs.

Contribution

It introduces a novel autoencoder approach specifically designed to counteract adversarial perturbations in input data.

Findings

Enhanced model robustness against adversarial attacks

Restoration of input images improves classification accuracy

Effective suppression of imperceptible perturbations

Abstract

Deep learning models, while achieving state-of-the-art performance on many tasks, are susceptible to adversarial attacks that exploit inherent vulnerabilities in their architectures. Adversarial attacks manipulate the input data with imperceptible perturbations, causing the model to misclassify the data or produce erroneous outputs. This work is based on enhancing the robustness of targeted classifier models against adversarial attacks. To achieve this, an convolutional autoencoder-based approach is employed that effectively counters adversarial perturbations introduced to the input images. By generating images closely resembling the input images, the proposed methodology aims to restore the model's accuracy.