Discerning the Chaos: Detecting Adversarial Perturbations while Disentangling Intentional from Unintentional Noises

TL;DR

This paper presents CIAI, a novel detection network based on a modified vision transformer that effectively distinguishes between adversarial and unintentional noises in images, enhancing security in deep learning applications.

Contribution

Introduces CIAI, a class-independent adversarial intent detection network utilizing a new loss function and multi-step training to detect both adversarial and unintentional noises.

Findings

Effective detection of adversarial attacks like FGSM, PGD, DeepFool.

Successful identification of unintentional noises such as Gaussian and Salt & Pepper.

Robust performance across multiple datasets including CelebA and CIFAR-10.

Abstract

Deep learning models, such as those used for face recognition and attribute prediction, are susceptible to manipulations like adversarial noise and unintentional noise, including Gaussian and impulse noise. This paper introduces CIAI, a Class-Independent Adversarial Intent detection network built on a modified vision transformer with detection layers. CIAI employs a novel loss function that combines Maximum Mean Discrepancy and Center Loss to detect both intentional (adversarial attacks) and unintentional noise, regardless of the image class. It is trained in a multi-step fashion. We also introduce the aspect of intent during detection that can act as an added layer of security. We further showcase the performance of our proposed detector on CelebA, CelebA-HQ, LFW, AgeDB, and CIFAR-10 datasets. Our detector is able to detect both intentional (like FGSM, PGD, and DeepFool) and unintentional (like Gaussian and Salt & Pepper noises) perturbations.