publication . Conference object . Preprint . 2018

Feature Denoising for Improving Adversarial Robustness

Xie, Cihang; Wu, Yuxin; van der Maaten, Laurens; Yuille, Alan; He, Kaiming;
Open Access
  • Published: 08 Dec 2018
  • Publisher: IEEE
Abstract
Comment: CVPR 2019, code is available at: https://github.com/facebookresearch/ImageNet-Adversarial-Training
Subjects
free text keywords: Computer science, Adversarial system, Robustness (computer science), Network architecture, Ranking, Pattern recognition, Categorization, Contextual image classification, Deep learning, Noise reduction, Artificial intelligence, business.industry, business, Computer Science - Computer Vision and Pattern Recognition
27 references, page 1 of 2

[1] A. Athalye, N. Carlini, and D. Wagner. Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples. In ICML, 2018. 2, 5, 6

[2] A. Buades, B. Coll, and J.-M. Morel. A non-local algorithm for image denoising. In CVPR, 2005. 1, 3, 4

[3] Y. Dong, F. Liao, T. Pang, H. Su, X. Hu, J. Li, and J. Zhu. Boosting adversarial attacks with momentum. In CVPR, 2018. 5

[4] A. A. Efros and W. T. Freeman. Image quilting for texture synthesis and transfer. In SIGGRAPH, 2001. 2 [OpenAIRE]

[5] L. Engstrom, A. Ilyas, and A. Athalye. Evaluating and understanding the robustness of adversarial logit pairing. arXiv:1807.10272, 2018. 6

[6] I. J. Goodfellow, J. Shlens, and C. Szegedy. Explaining and harnessing adversarial examples. In ICLR, 2015. 2, 5

[7] P. Goyal, P. Dolla´r, R. Girshick, P. Noordhuis, L. Wesolowski, A. Kyrola, A. Tulloch, Y. Jia, and K. He. Accurate, large minibatch SGD: Training ImageNet in 1 hour. arXiv:1706.02677, 2017. 5

[8] C. Guo, M. Rana, M. Cisse, and L. van der Maaten. Countering adversarial images using input transformations. In ICLR, 2018. 2

[9] K. He, X. Zhang, S. Ren, and J. Sun. Deep residual learning for image recognition. In CVPR, 2016. 1, 2, 3, 5, 6

[10] H. Kannan, A. Kurakin, and I. Goodfellow. Adversarial logit pairing. In NIPS, 2018. 2, 5, 6

[11] A. Krizhevsky, I. Sutskever, and G. Hinton. Imagenet classification with deep convolutional neural networks. In NIPS, 2012. 1

[12] A. Kurakin, I. Goodfellow, and S. Bengio. Adversarial examples in the physical world. In ICLR Workshop, 2017. 5

[13] A. Kurakin, I. Goodfellow, S. Bengio, Y. Dong, F. Liao, M. Liang, T. Pang, J. Zhu, X. Hu, C. Xie, et al. Adversarial attacks and defences competition. arXiv:1804.00097, 2018. 2, 7

[14] Y. LeCun, B. Boser, J. S. Denker, D. Henderson, R. E. Howard, W. Hubbard, and L. D. Jackel. Backpropagation applied to handwritten zip code recognition. Neural computation, 1989. 1 [OpenAIRE]

[15] F. Liao, M. Liang, Y. Dong, and T. Pang. Defense against adversarial attacks using high-level representation guided denoiser. In CVPR, 2018. 2, 7

27 references, page 1 of 2
Abstract
Comment: CVPR 2019, code is available at: https://github.com/facebookresearch/ImageNet-Adversarial-Training
Subjects
free text keywords: Computer science, Adversarial system, Robustness (computer science), Network architecture, Ranking, Pattern recognition, Categorization, Contextual image classification, Deep learning, Noise reduction, Artificial intelligence, business.industry, business, Computer Science - Computer Vision and Pattern Recognition
27 references, page 1 of 2

[1] A. Athalye, N. Carlini, and D. Wagner. Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples. In ICML, 2018. 2, 5, 6

[2] A. Buades, B. Coll, and J.-M. Morel. A non-local algorithm for image denoising. In CVPR, 2005. 1, 3, 4

[3] Y. Dong, F. Liao, T. Pang, H. Su, X. Hu, J. Li, and J. Zhu. Boosting adversarial attacks with momentum. In CVPR, 2018. 5

[4] A. A. Efros and W. T. Freeman. Image quilting for texture synthesis and transfer. In SIGGRAPH, 2001. 2 [OpenAIRE]

[5] L. Engstrom, A. Ilyas, and A. Athalye. Evaluating and understanding the robustness of adversarial logit pairing. arXiv:1807.10272, 2018. 6

[6] I. J. Goodfellow, J. Shlens, and C. Szegedy. Explaining and harnessing adversarial examples. In ICLR, 2015. 2, 5

[7] P. Goyal, P. Dolla´r, R. Girshick, P. Noordhuis, L. Wesolowski, A. Kyrola, A. Tulloch, Y. Jia, and K. He. Accurate, large minibatch SGD: Training ImageNet in 1 hour. arXiv:1706.02677, 2017. 5

[8] C. Guo, M. Rana, M. Cisse, and L. van der Maaten. Countering adversarial images using input transformations. In ICLR, 2018. 2

[9] K. He, X. Zhang, S. Ren, and J. Sun. Deep residual learning for image recognition. In CVPR, 2016. 1, 2, 3, 5, 6

[10] H. Kannan, A. Kurakin, and I. Goodfellow. Adversarial logit pairing. In NIPS, 2018. 2, 5, 6

[11] A. Krizhevsky, I. Sutskever, and G. Hinton. Imagenet classification with deep convolutional neural networks. In NIPS, 2012. 1

[12] A. Kurakin, I. Goodfellow, and S. Bengio. Adversarial examples in the physical world. In ICLR Workshop, 2017. 5

[13] A. Kurakin, I. Goodfellow, S. Bengio, Y. Dong, F. Liao, M. Liang, T. Pang, J. Zhu, X. Hu, C. Xie, et al. Adversarial attacks and defences competition. arXiv:1804.00097, 2018. 2, 7

[14] Y. LeCun, B. Boser, J. S. Denker, D. Henderson, R. E. Howard, W. Hubbard, and L. D. Jackel. Backpropagation applied to handwritten zip code recognition. Neural computation, 1989. 1 [OpenAIRE]

[15] F. Liao, M. Liang, Y. Dong, and T. Pang. Defense against adversarial attacks using high-level representation guided denoiser. In CVPR, 2018. 2, 7

27 references, page 1 of 2
Powered by OpenAIRE Open Research Graph
Any information missing or wrong?Report an Issue
publication . Conference object . Preprint . 2018

Feature Denoising for Improving Adversarial Robustness

Xie, Cihang; Wu, Yuxin; van der Maaten, Laurens; Yuille, Alan; He, Kaiming;