Denoised Internal Models: a Brain-Inspired Autoencoder against Adversarial Attacks
Despite its great success, deep learning severely suffers from robustness; that is, deep neural networks are very vulnerable to adversarial attacks, even the simplest ones. Inspired by recent advances in brain science, we propose the Denoised Internal Models (DIM), a novel generative autoencoder-bas...
Uloženo v:
| Vydáno v: | arXiv.org |
|---|---|
| Hlavní autoři: | , , , , , , , , |
| Médium: | Paper |
| Jazyk: | angličtina |
| Vydáno: |
Ithaca
Cornell University Library, arXiv.org
05.03.2023
|
| Témata: | |
| ISSN: | 2331-8422 |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | Despite its great success, deep learning severely suffers from robustness; that is, deep neural networks are very vulnerable to adversarial attacks, even the simplest ones. Inspired by recent advances in brain science, we propose the Denoised Internal Models (DIM), a novel generative autoencoder-based model to tackle this challenge. Simulating the pipeline in the human brain for visual signal processing, DIM adopts a two-stage approach. In the first stage, DIM uses a denoiser to reduce the noise and the dimensions of inputs, reflecting the information pre-processing in the thalamus. Inspired from the sparse coding of memory-related traces in the primary visual cortex, the second stage produces a set of internal models, one for each category. We evaluate DIM over 42 adversarial attacks, showing that DIM effectively defenses against all the attacks and outperforms the SOTA on the overall robustness. |
|---|---|
| AbstractList | Despite its great success, deep learning severely suffers from robustness; that is, deep neural networks are very vulnerable to adversarial attacks, even the simplest ones. Inspired by recent advances in brain science, we propose the Denoised Internal Models (DIM), a novel generative autoencoder-based model to tackle this challenge. Simulating the pipeline in the human brain for visual signal processing, DIM adopts a two-stage approach. In the first stage, DIM uses a denoiser to reduce the noise and the dimensions of inputs, reflecting the information pre-processing in the thalamus. Inspired from the sparse coding of memory-related traces in the primary visual cortex, the second stage produces a set of internal models, one for each category. We evaluate DIM over 42 adversarial attacks, showing that DIM effectively defenses against all the attacks and outperforms the SOTA on the overall robustness. |
| Author | Lai, Yurui Zhang, Ge Guan, Jisong Li, Xingyu Wang, Jiachen Zhou, Yi Guo, Chunxu Liu, Kaiyuan Su, Hang |
| Author_xml | – sequence: 1 givenname: Kaiyuan surname: Liu fullname: Liu, Kaiyuan – sequence: 2 givenname: Xingyu surname: Li fullname: Li, Xingyu – sequence: 3 givenname: Yurui surname: Lai fullname: Lai, Yurui – sequence: 4 givenname: Ge surname: Zhang fullname: Zhang, Ge – sequence: 5 givenname: Hang surname: Su fullname: Su, Hang – sequence: 6 givenname: Jiachen surname: Wang fullname: Wang, Jiachen – sequence: 7 givenname: Chunxu surname: Guo fullname: Guo, Chunxu – sequence: 8 givenname: Jisong surname: Guan fullname: Guan, Jisong – sequence: 9 givenname: Yi surname: Zhou fullname: Zhou, Yi |
| BookMark | eNotj8FKw0AURQdRsNZ-gLuA69R5b_KSqbtYqwYqgnRfJjMvkhomdSYpfr4RXd3FuefCvRLnvvcsxA3IZaaJ5J0J3-1piQCwBKmz7EzMUClIdYZ4KRYxHqSUmBdIpGbi_ZF930Z2SeUHDt50yWvvuIv3iUkegml9Wvl4bMPUKMehZ28nHBLzMaE4JKU7cYgmtJNYDoOxn_FaXDSmi7z4z7nYPW1265d0-_Zcrcttagh1WueMrsYGwGhHiEgOVEM12oydlZYKJ61SetVQoRtHZMmYjNESsAIo1Fzc_s0eQ_81chz2h378PRD3mEsAWhWo1Q-XfFMF |
| ContentType | Paper |
| Copyright | 2023. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: 2023. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | 8FE 8FG ABJCF ABUWG AFKRA AZQEC BENPR BGLVJ CCPQU DWQXO HCIFZ L6V M7S PHGZM PHGZT PIMPY PKEHL PQEST PQGLB PQQKQ PQUKI PRINS PTHSS |
| DOI | 10.48550/arxiv.2111.10844 |
| DatabaseName | ProQuest SciTech Collection ProQuest Technology Collection ProQuest SciTech Premium Collection Technology Collection Materials Science & Engineering Database ProQuest Central (Alumni) ProQuest Central UK/Ireland ProQuest Central Essentials - QC ProQuest Central Technology Collection ProQuest One ProQuest Central Korea SciTech Premium Collection ProQuest Engineering Collection Engineering Database ProQuest Central Premium ProQuest One Academic (New) ProQuest Publicly Available Content Database ProQuest One Academic Middle East (New) ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Applied & Life Sciences ProQuest One Academic (retired) ProQuest One Academic UKI Edition ProQuest Central China Engineering Collection |
| DatabaseTitle | Publicly Available Content Database Engineering Database Technology Collection ProQuest One Academic Middle East (New) ProQuest Central Essentials ProQuest One Academic Eastern Edition ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central China ProQuest Central ProQuest One Applied & Life Sciences ProQuest Engineering Collection ProQuest One Academic UKI Edition ProQuest Central Korea Materials Science & Engineering Collection ProQuest Central (New) ProQuest One Academic ProQuest One Academic (New) Engineering Collection |
| DatabaseTitleList | Publicly Available Content Database |
| Database_xml | – sequence: 1 dbid: PIMPY name: ProQuest Publicly Available Content Database url: http://search.proquest.com/publiccontent sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Physics |
| EISSN | 2331-8422 |
| Genre | Working Paper/Pre-Print |
| GroupedDBID | 8FE 8FG ABJCF ABUWG AFKRA ALMA_UNASSIGNED_HOLDINGS AZQEC BENPR BGLVJ CCPQU DWQXO FRJ HCIFZ L6V M7S M~E PHGZM PHGZT PIMPY PKEHL PQEST PQGLB PQQKQ PQUKI PRINS PTHSS |
| ID | FETCH-LOGICAL-a528-b6e2db2f11a8d52225d13f5b2c4edc0c57d0c3389f578fd55c5aa4e2c51e31173 |
| IEDL.DBID | BENPR |
| IngestDate | Mon Jun 30 09:30:05 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a528-b6e2db2f11a8d52225d13f5b2c4edc0c57d0c3389f578fd55c5aa4e2c51e31173 |
| Notes | SourceType-Working Papers-1 ObjectType-Working Paper/Pre-Print-1 content type line 50 |
| OpenAccessLink | https://www.proquest.com/docview/2601159728?pq-origsite=%requestingapplication% |
| PQID | 2601159728 |
| PQPubID | 2050157 |
| ParticipantIDs | proquest_journals_2601159728 |
| PublicationCentury | 2000 |
| PublicationDate | 20230305 |
| PublicationDateYYYYMMDD | 2023-03-05 |
| PublicationDate_xml | – month: 03 year: 2023 text: 20230305 day: 05 |
| PublicationDecade | 2020 |
| PublicationPlace | Ithaca |
| PublicationPlace_xml | – name: Ithaca |
| PublicationTitle | arXiv.org |
| PublicationYear | 2023 |
| Publisher | Cornell University Library, arXiv.org |
| Publisher_xml | – name: Cornell University Library, arXiv.org |
| SSID | ssj0002672553 |
| Score | 1.8245864 |
| SecondaryResourceType | preprint |
| Snippet | Despite its great success, deep learning severely suffers from robustness; that is, deep neural networks are very vulnerable to adversarial attacks, even the... |
| SourceID | proquest |
| SourceType | Aggregation Database |
| SubjectTerms | Artificial neural networks Brain Machine learning Noise reduction Robustness Signal processing Thalamus Visual signals |
| Title | Denoised Internal Models: a Brain-Inspired Autoencoder against Adversarial Attacks |
| URI | https://www.proquest.com/docview/2601159728 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV07T8MwELagBYmJt3iUygOraR3HccKCWmhFB6qodCgTcvxAlaqkxGnFz8c2KQxILIyWPVi273y--_x9AFx3GeOSUIYk5QkKSZSgLIszlESCKmZDFC2FF5tg43E8myVpnXAzNaxy4xO9o5aFcDnyjqO-slcvC-K75TtyqlGuulpLaGyDpmMqs-e82R-M08l3liWImI2ZyVc505N3dXj5MV_f2OHY4evC8JcT9jfLcP-_czoAzZQvVXkItlR-BHY9olOYYzB5UHkxN0rCOum3gE73bGFuIYd9JwyBRrkrs9sRvVVVOEJLqUrI32yXqaBXajbcnU_Yqyr3Ff8ETIeD6f0jqgUUEKdBjLJIBTILNMY8ltQ97CQmmmaBCJUUXUGZ7Ar7RE20NVstKRWU81AFgmJFMGbkFDTyIldnAHZ55Lj6PHOUDQFUTAXXTGJNMiISrs9Ba7NCr7URmNef5bn4u_sS7DkVdw_toi3QqMqVugI7Yl3NTdmu97TtYJnPtpWOntKXT3LOr30 |
| linkProvider | ProQuest |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1LS8QwEB50VfTkG9_moMe4Tdo0rSCirmJRl0X2oKeSJqksSKttff0o_6NJbfUgePPgOaWQzGQyM_nyfQA7DudCuYxjxUSIPdcPcZIECQ59yTQ3KUqqZC02wfv94OYmHIzBe_sWxsIq25hYB2qVS9sj71rqK3P0chocPjxiqxplb1dbCY1Pt7jQby-mZCsPop6x7y6lZ6fDk3PcqApgwWiAE19TldCUEBEoZqsdRdyUJVR6WklHMq4caeq2MDW-nCrGJBPC01Qyol1CuGt-Ow4TnvF1pwMTg-hqcPvV1KE-Nym6-3l7WnOFdUXxOnreM2UWsXA-z_sR8-uD7Gz2ny3BnJm6eNDFPIzpbAGmaryqLBfhuqezfFRqhZqW5j2yqm735T4S6NjKXuAosyAC88XRU5Vbuk6lCyTuzFBZoVqHuhR296GjqrJEA0sw_ItZLEMnyzO9AsgRvmUirHmxTIKjAyZFyhVJ3cSVoUhXYaM1SNxs8TL-tsba78PbMH0-vLqML6P-xTrMWL36GsTGNqBTFU96EyblczUqi63GnRDEf2y9D83DCS8 |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Denoised+Internal+Models%3A+a+Brain-Inspired+Autoencoder+against+Adversarial+Attacks&rft.jtitle=arXiv.org&rft.au=Liu%2C+Kaiyuan&rft.au=Li%2C+Xingyu&rft.au=Lai%2C+Yurui&rft.au=Zhang%2C+Ge&rft.date=2023-03-05&rft.pub=Cornell+University+Library%2C+arXiv.org&rft.eissn=2331-8422&rft_id=info:doi/10.48550%2Farxiv.2111.10844 |