Abstract
Deep learning image classifiers are known to be vulnerable to small adversarial perturbations of input images. In this paper, we derive the locally optimal generalized likelihood ratio test based detector for detecting stochastic targeted universal adversarial perturbations to a classifier's input. We employ a two-stage process to learn the detector's parameters, which involves unsupervised maximum likelihood estimation followed by supervised training and demonstrates better performance of the detector compared to other detection methods on several popular image classification datasets.
Original language | English (US) |
---|---|
Pages (from-to) | 5025-5029 |
Number of pages | 5 |
Journal | ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings |
Volume | 2021-June |
DOIs | |
State | Published - 2021 |
Event | 2021 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2021 - Virtual, Toronto, Canada Duration: Jun 6 2021 → Jun 11 2021 |
Keywords
- Image classification
- Locally optimal tests
- Neural networks
- Universal adversarial perturbations
ASJC Scopus subject areas
- Software
- Signal Processing
- Electrical and Electronic Engineering