Adversarial Defense by Stratified Convolutional Sparse Coding

We propose an adversarial defense method that achieves state-of-the-art performance among attack-agnostic adversarial defense methods while also maintaining robustness to input resolution, scale of adversarial perturbation, and scale of dataset size. Based on convolutional sparse coding, we construc...

Full description

Saved in:
Bibliographic Details
Published in:Proceedings (IEEE Computer Society Conference on Computer Vision and Pattern Recognition. Online) pp. 11439 - 11448
Main Authors: Sun, Bo, Tsai, Nian-Hsuan, Liu, Fangchen, Yu, Ronald, Su, Hao
Format: Conference Proceeding
Language:English
Published: IEEE 01.06.2019
Subjects:
Convolutional codes
Deep Learning
Encoding
Image coding
Image quality
Image resolution
Neural networks
Pattern recognition
Perturbation methods
Reliability engineering
Representation Learning; Statistical Learning
Robustness
ISSN:1063-6919
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:We propose an adversarial defense method that achieves state-of-the-art performance among attack-agnostic adversarial defense methods while also maintaining robustness to input resolution, scale of adversarial perturbation, and scale of dataset size. Based on convolutional sparse coding, we construct a stratified low-dimensional quasi-natural image space that faithfully approximates the natural image space while also removing adversarial perturbations. We introduce a novel Sparse Transformation Layer (STL) in between the input image and the first layer of the neural network to efficiently project images into our quasi-natural image space. Our experiments show state-of-the-art performance of our method compared to other attack-agnostic adversarial defense methods in various adversarial settings.
ISSN:1063-6919
DOI:10.1109/CVPR.2019.01171