抵御对抗性攻击的热图感知低成本设计:正在进行的工作

2020 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS) Pub Date : 2020-09-20 DOI:10.1109/CODESISSS51650.2020.9244017

Zhiyuan He, Wei Jiang, Jinyu Zhan, Xupeng Wang, Xiangyu Wen

{"title":"抵御对抗性攻击的热图感知低成本设计:正在进行的工作","authors":"Zhiyuan He, Wei Jiang, Jinyu Zhan, Xupeng Wang, Xiangyu Wen","doi":"10.1109/CODESISSS51650.2020.9244017","DOIUrl":null,"url":null,"abstract":"It is a challenging task to resist adversarial attacks due to the imperceptibility of adversarial examples. The passive defense method is developed based on a series of input transformations and has achieved a promising result, which however suffers from a high computation cost. In this paper, we design a new heatmap-aware method to defend adversarial attacks, leading to a significant decrease in the time cost. To be specific, we compute the classification importance from each part of the input to obtain the heatmap of the data, and the key areas of classification are extracted according to the heatmap. A series of transformations are applied to the key areas of the classification, which reduces the amount of data to be processed and thus reduces the time cost. A set of preliminary experiments are conducted to testify the effectiveness of the proposed approach.","PeriodicalId":437802,"journal":{"name":"2020 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Heatmap-Aware Low-Cost Design to Resist Adversarial Attacks: Work-in-Progress\",\"authors\":\"Zhiyuan He, Wei Jiang, Jinyu Zhan, Xupeng Wang, Xiangyu Wen\",\"doi\":\"10.1109/CODESISSS51650.2020.9244017\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"It is a challenging task to resist adversarial attacks due to the imperceptibility of adversarial examples. The passive defense method is developed based on a series of input transformations and has achieved a promising result, which however suffers from a high computation cost. In this paper, we design a new heatmap-aware method to defend adversarial attacks, leading to a significant decrease in the time cost. To be specific, we compute the classification importance from each part of the input to obtain the heatmap of the data, and the key areas of classification are extracted according to the heatmap. A series of transformations are applied to the key areas of the classification, which reduces the amount of data to be processed and thus reduces the time cost. A set of preliminary experiments are conducted to testify the effectiveness of the proposed approach.\",\"PeriodicalId\":437802,\"journal\":{\"name\":\"2020 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS)\",\"volume\":\"11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-09-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CODESISSS51650.2020.9244017\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CODESISSS51650.2020.9244017","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

由于对抗性示例的不可感知性，抵抗对抗性攻击是一项具有挑战性的任务。基于一系列输入变换的被动防御方法取得了良好的效果，但存在计算量大的缺点。在本文中，我们设计了一种新的热图感知方法来防御对抗性攻击，从而显著降低了时间成本。具体来说，我们从输入的每个部分计算分类重要度，得到数据的热图，并根据热图提取分类的关键区域。将一系列转换应用于分类的关键区域，从而减少了需要处理的数据量，从而降低了时间成本。通过一系列初步实验验证了该方法的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Heatmap-Aware Low-Cost Design to Resist Adversarial Attacks: Work-in-Progress

It is a challenging task to resist adversarial attacks due to the imperceptibility of adversarial examples. The passive defense method is developed based on a series of input transformations and has achieved a promising result, which however suffers from a high computation cost. In this paper, we design a new heatmap-aware method to defend adversarial attacks, leading to a significant decrease in the time cost. To be specific, we compute the classification importance from each part of the input to obtain the heatmap of the data, and the key areas of classification are extracted according to the heatmap. A series of transformations are applied to the key areas of the classification, which reduces the amount of data to be processed and thus reduces the time cost. A set of preliminary experiments are conducted to testify the effectiveness of the proposed approach.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS)

自引率

0.00%

发文量