Bit flipping-based error correcting output code construction for adversarial robustness of neural networks

IF 4.1 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

ICT Express Pub Date : 2025-02-13 DOI:10.1016/j.icte.2025.02.002

Wooram Jang , Woojin Hwang , Kezhong Jin , Hosung Park

引用次数: 0

Abstract

In this paper, we propose a method for constructing error-correcting output codes (ECOCs) based on a codeword bit flipping algorithm to enhance adversarial robustness of neural networks. In the previous work in Verma and Swami (2019), ECOCs are applied to deep neural networks (DNNs) based on the analogy between channel noise and adversarial examples to achieve state-of-the-art adversarial robustness. To improve adversarial robustness, it was proposed in Wan et al. (2022) to optimize the Hamming distance between codewords and employ codeword assignment algorithms. Our study achieves approximately a 8% accuracy improvement on MNIST and CIFAR-10 under adversarial attacks compared to the method proposed in Wan et al. (2022).

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

ICT Express Multiple-

CiteScore

10.20

自引率

1.90%

发文量

167

审稿时长

35 weeks

期刊介绍： The ICT Express journal published by the Korean Institute of Communications and Information Sciences (KICS) is an international, peer-reviewed research publication covering all aspects of information and communication technology. The journal aims to publish research that helps advance the theoretical and practical understanding of ICT convergence, platform technologies, communication networks, and device technologies. The technology advancement in information and communication technology (ICT) sector enables portable devices to be always connected while supporting high data rate, resulting in the recent popularity of smartphones that have a considerable impact in economic and social development.