TY - GEN
T1 - A learning and masking approach to secure learning
AU - Nguyen, Linh
AU - Wang, Sky
AU - Sinha, Arunesh
N1 - Publisher Copyright:
© 2018, Springer Nature Switzerland AG.
PY - 2018
Y1 - 2018
N2 - Deep Neural Networks (DNNs) have been shown to be vulnerable to adversarial examples, which are data points cleverly constructed to fool the classifier. In this paper, we introduce a new perspective on the problem. We do so by first defining the robustness of a classifier to adversarial exploitation. Further, we categorize attacks in the literature into high and low perturbation attacks. Next, we show that the defense problem can be posed as a learning problem itself and find that this approach is effective against high perturbation attacks. For low perturbation attacks, we present a classifier boundary masking method that uses noise to randomly shift the classifier boundary at runtime. We also show that both our learning-based and masking-based defenses can work simultaneously to protect against multiple attacks. We demonstrate the efficacy of our techniques by experimenting with the MNIST and CIFAR-10 datasets.
AB - Deep Neural Networks (DNNs) have been shown to be vulnerable to adversarial examples, which are data points cleverly constructed to fool the classifier. In this paper, we introduce a new perspective on the problem. We do so by first defining the robustness of a classifier to adversarial exploitation. Further, we categorize attacks in the literature into high and low perturbation attacks. Next, we show that the defense problem can be posed as a learning problem itself and find that this approach is effective against high perturbation attacks. For low perturbation attacks, we present a classifier boundary masking method that uses noise to randomly shift the classifier boundary at runtime. We also show that both our learning-based and masking-based defenses can work simultaneously to protect against multiple attacks. We demonstrate the efficacy of our techniques by experimenting with the MNIST and CIFAR-10 datasets.
UR - http://www.scopus.com/inward/record.url?scp=85055876928&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85055876928&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-01554-1_26
DO - 10.1007/978-3-030-01554-1_26
M3 - Conference contribution
AN - SCOPUS:85055876928
SN - 9783030015534
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 453
EP - 464
BT - Decision and Game Theory for Security - 9th International Conference, GameSec 2018, Proceedings
A2 - Bushnell, Linda
A2 - Poovendran, Radha
A2 - Basar, Tamer
PB - Springer Verlag
T2 - 9th International Conference on Decision and Game Theory for Security, GameSec 2018
Y2 - 29 October 2018 through 31 October 2018
ER -