Robust Image Classification: Defensive Strategies against FGSM and PGD Adversarial Attacks
Hetvi Waghela, Jaydip Sen, Sneha Rakshit

TL;DR
This paper presents a comprehensive defense strategy combining adversarial training and preprocessing techniques to improve the robustness of image classification models against FGSM and PGD adversarial attacks.
Contribution
It introduces novel defense mechanisms and evaluates their effectiveness across benchmark datasets, advancing the security of deep learning models against adversarial threats.
Findings
Significant robustness improvements over baseline models
Effective mitigation of FGSM and PGD attack impacts
Enhanced model reliability in real-world scenarios
Abstract
Adversarial attacks, particularly the Fast Gradient Sign Method (FGSM) and Projected Gradient Descent (PGD), pose significant threats to the robustness of deep learning models in image classification. This paper explores and refines defense mechanisms against these attacks to enhance the resilience of neural networks. We employ a combination of adversarial training and innovative preprocessing techniques, aiming to mitigate the impact of adversarial perturbations. Our methodology involves modifying input data before classification and investigating different model architectures and training strategies. Through rigorous evaluation on benchmark datasets, we demonstrate the effectiveness of our approach in defending against FGSM and PGD attacks. Our results show substantial improvements in model robustness compared to baseline methods, highlighting the potential of our defense strategies in…
Taxonomy
Topics: Adversarial Robustness in Machine Learning
