Exploiting CNN layer activations to improve adversarial image classification

Carrara F;Falchi F;Amato G
2019

Abstract

Neural networks are now used in many sectors of our daily life thanks to the efficient solutions such instruments provide for diverse tasks. Leaving to artificial intelligence the chance to make choices on behalf of humans inevitably exposes these tools to fraudulent attacks. In fact, adversarial examples, intentionally crafted to fool a neural network, can dangerously induce a misclassification while appearing innocuous to a human observer. On this basis, this paper focuses on the problem of image classification and proposes an analysis to gain better insight into what happens inside a convolutional neural network (CNN) when it evaluates an adversarial example. In particular, the activations of the internal network layers have been analyzed and exploited to design possible countermeasures to reduce CNN vulnerability. Experimental results confirm that layer activations can be adopted to detect adversarial inputs.
2019
Istituto di Scienza e Tecnologie dell'Informazione "Alessandro Faedo" - ISTI
English
ICIP 2019 - IEEE International Conference on Image Processing
2019-September
2289
2293
978-1-5386-6249-6
https://ieeexplore.ieee.org/document/8803776
Yes, but type not specified
22-25 September, 2019
Taipei, Taiwan
Adversarial images
neural networks
layer activations
adversarial detection
3
partially_open
Caldelli R.; Becarelli R.; Carrara F.; Falchi F.; Amato G.
273
info:eu-repo/semantics/conferenceObject
04 Conference contribution::04.01 Contribution in conference proceedings
Files in this record:

prod_422758-doc_150374.pdf
Access: not available
Description: Exploiting CNN layer activations to improve adversarial image classification
Type: Publisher's version (PDF)
Size: 469.89 kB
Format: Adobe PDF

prod_422758-doc_160005.pdf
Access: open access
Description: Exploiting CNN layer activations to improve adversarial image classification
Type: Publisher's version (PDF)
Size: 451.42 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14243/379901
Citations
  • PMC N/A
  • Scopus 5
  • ISI 5