{"title":"Enhancing the Robustness of Deep Neural Networks using Deep Neural Rejection","authors":"Lourdu Mahimai Doss, Dr. M. Gunasekaran","doi":"10.1109/ACCAI58221.2023.10199625","DOIUrl":null,"url":null,"abstract":"Adversarial examples are inputs that have been intentionally generated in order to deceive deep neural networks (DNNs) into generating inaccurate predictions. These instances endanger the security and safety of DNNs in real-world applications. To solve this problem, we present a new defense against adversarial instances based on Deep Neural Rejection (DNR). The DNR approach involves training a secondary model, referred to as the rejector model, to identify and reject inputs that are unlikely to produce correct predictions. The rejector model can be trained using adversarial examples as well as benign samples to learn the difference between the two types of inputs. If an input is rejected by the rejector model, it is assumed to be adversarial, and the primary model will not make a prediction on it. The experimental findings show that the DNR technique improves DNN resilience against hostile cases while retaining excellent accuracy on benign samples. 
Furthermore, by lowering the amount of samples that must be processed, the DNR technique can minimize the computational cost of DNNs.","PeriodicalId":382104,"journal":{"name":"2023 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ACCAI58221.2023.10199625","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 1
Abstract
Adversarial examples are inputs that have been intentionally generated in order to deceive deep neural networks (DNNs) into generating inaccurate predictions. These instances endanger the security and safety of DNNs in real-world applications. To solve this problem, we present a new defense against adversarial instances based on Deep Neural Rejection (DNR). The DNR approach involves training a secondary model, referred to as the rejector model, to identify and reject inputs that are unlikely to produce correct predictions. The rejector model can be trained using adversarial examples as well as benign samples to learn the difference between the two types of inputs. If an input is rejected by the rejector model, it is assumed to be adversarial, and the primary model will not make a prediction on it. The experimental findings show that the DNR technique improves DNN resilience against hostile cases while retaining excellent accuracy on benign samples. Furthermore, by lowering the number of samples that must be processed, the DNR technique can minimize the computational cost of DNNs.