New Adversarial Image Detection Based on Sentiment Analysis.

Publisher:
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Publication Type:
Journal Article
Citation:
IEEE Trans Neural Netw Learn Syst, 2024, PP, (99)
Issue Date:
2024
Filename Description Size
New_Adversarial_Image_Detection_Based_on_Sentiment_Analysis.pdfPublished version5.76 MB
Adobe PDF
Full metadata record
Deep neural networks (DNNs) are vulnerable to adversarial examples, while adversarial attack models, e.g., DeepFool, are on the rise and outrunning adversarial example detection techniques. This article presents a new adversarial example detector that outperforms state-of-the-art detectors in identifying the latest adversarial attacks on image datasets. Specifically, we propose to use sentiment analysis for adversarial example detection, qualified by the progressively manifesting impact of an adversarial perturbation on the hidden-layer feature maps of a DNN under attack. Accordingly, we design a modularized embedding layer with the minimum learnable parameters to embed the hidden-layer feature maps into word vectors and assemble sentences ready for sentiment analysis. Extensive experiments demonstrate that the new detector consistently surpasses the state-of-the-art detection algorithms in detecting the latest attacks launched against ResNet and Inception neutral networks on the CIFAR-10, CIFAR-100, and SVHN datasets. The detector only has about 2 million parameters and takes less than 4.6 ms to detect an adversarial example generated by the latest attack models using a Tesla K80 GPU card.
Please use this identifier to cite or link to this item: