| IEICE Technical Committee Submission System Conference Paper's Information |
Online Proceedings [Sign in] Tech. Rep. Archives |
| Go Top Page | Go Previous | [Japanese] / [English] |
| Paper Abstract and Keywords | ||
| Presentation | 2021-03-04 14:15 [Poster Presentation] Detection of Adversarial Examples in CNN Image Classifiers Using Features Extracted with Multiple Strengths of Filter Akinori Higashi, Minoru Kuribayashi, Nobuo Funabiki (Okayama Univ.), Huy Hong Nguyen, Isao Echizen (NII)  EMM2020-70 |
|
| Abstract | (in Japanese) | (See Japanese page) |
| (in English) | Deep learning has been used as a new method for machine learning, and its performance has been significantly improved. Adversarial examples are known as attacks to machine learning system by injecting malicious noise to inputs such as images, sounds, videos so as to fool the system. Research on fooling image classifiers has been reported as a potential threat to CNN-based systems. In this paper, we propose a new method for detecting adversarial examples by using the sensibilities of image classifiers. Since adversarial examples are generated by adding noise, we focus on the behavior of the output of the image classifier to the noise removal filter. We change the strength of the noise removal filter and observe its output to determine whether it is an adversarial example or not. With the increase of the filter strength, the entropy of the image is expected to decrease and adversarial noises are removed as well. Therefore, the output of the softmax function of the image classifier is expected to change significantly in the case of adversarial examples, while it is stable in the case of normal images. A framework for detecting simple adversarial examples by using the response characteristics to noise removal operations. We conducted experiments against typical adversarial example generating attacks and quantitatively evaluated its performance. | |
| Keyword | (in Japanese) | (See Japanese page) |
| (in English) | Adversarial Example / Noise Removal Filter / CNN / Image Classifier / / / / | |
| Reference Info. | IEICE Tech. Rep., vol. 120, no. 418, EMM2020-70, pp. 19-24, March 2021. | |
| Paper # | EMM2020-70 | |
| Date of Issue | 2021-02-25 (EMM) | |
| ISSN | Online edition: ISSN 2432-6380 | |
| Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) | |
| Download PDF | EMM2020-70 |
|
| Conference Information | |
| Committee | EMM |
| Conference Date | 2021-03-04 - 2021-03-05 |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Image and Sound Quality, Metrics for Perception and Recognition, Human Auditory and Visual System, etc. |
| Paper Information | |
| Registration To | EMM |
| Conference Code | 2021-03-EMM |
| Language | Japanese |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Detection of Adversarial Examples in CNN Image Classifiers Using Features Extracted with Multiple Strengths of Filter |
| Sub Title (in English) | |
| Keyword(1) | Adversarial Example |
| Keyword(2) | Noise Removal Filter |
| Keyword(3) | CNN |
| Keyword(4) | Image Classifier |
| Keyword(5) | |
| Keyword(6) | |
| Keyword(7) | |
| Keyword(8) | |
| 1st Author's Name | Akinori Higashi |
| 1st Author's Affiliation | Okayama University (Okayama Univ.) |
| 2nd Author's Name | Minoru Kuribayashi |
| 2nd Author's Affiliation | Okayama University (Okayama Univ.) |
| 3rd Author's Name | Nobuo Funabiki |
| 3rd Author's Affiliation | Okayama University (Okayama Univ.) |
| 4th Author's Name | Huy Hong Nguyen |
| 4th Author's Affiliation | National Institute of Informatics (NII) |
| 5th Author's Name | Isao Echizen |
| 5th Author's Affiliation | National Institute of Informatics (NII) |
| 6th Author's Name | |
| 6th Author's Affiliation | () |
| 7th Author's Name | |
| 7th Author's Affiliation | () |
| 8th Author's Name | |
| 8th Author's Affiliation | () |
| 9th Author's Name | |
| 9th Author's Affiliation | () |
| 10th Author's Name | |
| 10th Author's Affiliation | () |
| 11th Author's Name | |
| 11th Author's Affiliation | () |
| 12th Author's Name | |
| 12th Author's Affiliation | () |
| 13th Author's Name | |
| 13th Author's Affiliation | () |
| 14th Author's Name | |
| 14th Author's Affiliation | () |
| 15th Author's Name | |
| 15th Author's Affiliation | () |
| 16th Author's Name | |
| 16th Author's Affiliation | () |
| 17th Author's Name | |
| 17th Author's Affiliation | () |
| 18th Author's Name | |
| 18th Author's Affiliation | () |
| Speaker | Author-1 |
| Date Time | 2021-03-04 14:15:00 |
| Presentation Time | 15 minutes |
| Registration for | EMM |
| Paper # | EMM2020-70 |
| Volume (vol) | vol.120 |
| Number (no) | no.418 |
| Page | pp.19-24 |
| #Pages | 6 |
| Date of Issue | 2021-02-25 (EMM) |
[Return to Top Page]