| IEICE Technical Committee Submission System Conference Paper's Information |
Online Proceedings [Sign in] Tech. Rep. Archives |
| Go Top Page | Go Previous | [Japanese] / [English] |
| Paper Abstract and Keywords | ||
| Presentation | 2021-03-05 16:25 Towards Adversarial Robustness of Learning in the Frequency Domain Subhajit Chaudhury, Toshihiko Yamasaki (UTokyo)  PRMU2020-100 |
|
| Abstract | (in Japanese) | (See Japanese page) |
| (in English) | Adversarial attacks study the effect of noise on the robustness of Convolutional Neural Networks (CNNs). Typically, these works have shown that CNNs can be easily fooled by simply adding small imperceptible noise in the RGB color space that cannot be detected by humans. In this paper, we study the effect of adversarial attacks in the frequency domain and show that such attacks are rendered weaker due to frequency domain transformations. We argue that learning CNNs in the frequency domain disentangles frequencies corresponding to semantic and adversarial features. Due to this property, CNNs learned in the frequency domain can selectively put less focus on the adversarial features resulting in a robust performance in the presence of adversarial noise. We performed experiments on multiple datasets and show that CNNs trained on Discrete Cosine Transform (DCT) inputs show significantly better noise robustness to many varieties of adversarial noise compared to standard CNNs learned on RGB/Grayscale input. From this result, we urge the research community towards exploring frequency domain learning as a potential novel area to improve neural network robustness to test-time noise. | |
| Keyword | (in Japanese) | (See Japanese page) |
| (in English) | Adversarial Attacks / Discrete Cosine Transforms / Defense against Adversarial Attacks / / / / / | |
| Reference Info. | IEICE Tech. Rep., vol. 120, no. 409, PRMU2020-100, pp. 176-180, March 2021. | |
| Paper # | PRMU2020-100 | |
| Date of Issue | 2021-02-25 (PRMU) | |
| ISSN | Online edition: ISSN 2432-6380 | |
| Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) | |
| Download PDF | PRMU2020-100 |
|
| Conference Information | |
| Committee | PRMU IPSJ-CVIM |
| Conference Date | 2021-03-04 - 2021-03-05 |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Computer Vision and Pattern Recognition for specific environment |
| Paper Information | |
| Registration To | PRMU |
| Conference Code | 2021-03-PRMU-CVIM |
| Language | English |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Towards Adversarial Robustness of Learning in the Frequency Domain |
| Sub Title (in English) | |
| Keyword(1) | Adversarial Attacks |
| Keyword(2) | Discrete Cosine Transforms |
| Keyword(3) | Defense against Adversarial Attacks |
| Keyword(4) | |
| Keyword(5) | |
| Keyword(6) | |
| Keyword(7) | |
| Keyword(8) | |
| 1st Author's Name | Subhajit Chaudhury |
| 1st Author's Affiliation | The University of Tokyo (UTokyo) |
| 2nd Author's Name | Toshihiko Yamasaki |
| 2nd Author's Affiliation | The University of Tokyo (UTokyo) |
| 3rd Author's Name | |
| 3rd Author's Affiliation | () |
| 4th Author's Name | |
| 4th Author's Affiliation | () |
| 5th Author's Name | |
| 5th Author's Affiliation | () |
| 6th Author's Name | |
| 6th Author's Affiliation | () |
| 7th Author's Name | |
| 7th Author's Affiliation | () |
| 8th Author's Name | |
| 8th Author's Affiliation | () |
| 9th Author's Name | |
| 9th Author's Affiliation | () |
| 10th Author's Name | |
| 10th Author's Affiliation | () |
| 11th Author's Name | |
| 11th Author's Affiliation | () |
| 12th Author's Name | |
| 12th Author's Affiliation | () |
| 13th Author's Name | |
| 13th Author's Affiliation | () |
| 14th Author's Name | |
| 14th Author's Affiliation | () |
| 15th Author's Name | |
| 15th Author's Affiliation | () |
| 16th Author's Name | |
| 16th Author's Affiliation | () |
| 17th Author's Name | |
| 17th Author's Affiliation | () |
| 18th Author's Name | |
| 18th Author's Affiliation | () |
| Speaker | Author-1 |
| Date Time | 2021-03-05 16:25:00 |
| Presentation Time | 15 minutes |
| Registration for | PRMU |
| Paper # | PRMU2020-100 |
| Volume (vol) | vol.120 |
| Number (no) | no.409 |
| Page | pp.176-180 |
| #Pages | 5 |
| Date of Issue | 2021-02-25 (PRMU) |
[Return to Top Page]