Vax-a-Net: Training-time Defence Against Adversarial Patch Attacks

30/11/2020

Vax-a-Net: Training-time Defence Against Adversarial Patch Attacks

Thomas Gittings, Steve Schneider, John Collomosse

Keywords:

Abstract Paper Similar Papers

Abstract: We present Vax-a-Net; a technique for immunizing convolutional neural networks (CNNs) against adversarial patch attacks (APAs). APAs insert visually overt, local regions (patches) into an image to induce misclassification. We introduce a conditional Generative Adversarial Network (GAN) architecture that simultaneously learns to synthesise patches for use in APAs, whilst exploiting those attacks to adapt a pre-trained target CNN to reduce its susceptibility to them. This approach enables resilience against APAs to be conferred to pre-trained models, which would be impractical with conventional adversarial training due to the slow convergence of APA methods. We demonstrate transferability of this protection to defend against existing APAs, and show its efficacy across several contemporary CNN architectures.

The video of this talk cannot be embedded. You can watch it here:

https://accv2020.github.io/miniconf/poster_614.html

(Link will open in new window)

0

0

0

0

Share

This is an embedded video. Talk and the respective paper are published at ACCV 2020 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment

no comments yet

Similar Papers

14/06/2020

Enhancing Intrinsic Adversarial Robustness via Feature Pyramid Decoder

Guanlin Li, Shuya Ding, Jun Luo, Chang Liu

Keywords Paper

adversarial defense, feature denoise, multi-task learning, self-supervised learning, image restoration, lipschitz constant constraint, feature pyramid decoder

0

0

0

0

1:01

06/12/2020

DVERGE: Diversifying Vulnerabilities for Enhanced Robust Generation of Ensembles

Huanrui Yang, Jingyang Zhang, Hongliang Dong and
Nathan Inkawhich, Andrew Gardner, Andrew Touchet, Wesley Wilkes, Heath Berry, Helen Li

Keywords Paper

0

0

0

0

3:25

14/06/2020

A Self-supervised Approach for Adversarial Robustness

Muzammal Naseer, Salman Khan, Munawar Hayat and
Fahad Shahbaz Khan, Fatih Porikli

Keywords Paper

self-supervision, defense, attack, perceptual-features, classification, segmentation, object-detection, adversarial-learning, dynamic-defense, zero-shot

0

0

0

0

5:01

22/11/2021

Generative Dynamic Patch Attack

Xiang Li, Shihao Ji

Keywords Paper

patch attack, adversarial attack, adversarial defense, adversarial training, robustness, generative model

0

0

0

0

2:46

22/11/2021

WAN: Watermarking Attack Network

Seung-Hun Nam, IN JAE YU, Seung-Min Mun and
Daesik Kim, Wonhyuk Ahn

Keywords Paper

watermarking attack, watermark bit inversion, neural network-based watermarking attack

0

0

0

0

3:04

14/06/2020

Syn2Real Transfer Learning for Image Deraining Using Gaussian Processes

Rajeev Yasarla, Vishwanath A. Sindagi, Vishal M. Patel

Keywords Paper

deraining, rainy image, rain residue, semi-supervision learning, gaussian processes, labeled data, unlabeled data, pseudo-ground truth, synthetic data, real-world data.

0

0

0

0

5:01

14/06/2020

Meta-Transfer Learning for Zero-Shot Super-Resolution

Jae Woong Soh, Sunwoo Cho, Nam Ik Cho

Keywords Paper

zero-shot super-resolution, meta learning, transfer learning

0

0

0

0

0:59

06/12/2021

Adaptive Denoising via GainTuning

Sreyas Mohan, Joshua L Vincent, Ramon Manzorro and
Peter Crozier, Carlos Fernandez-Granda, Eero P Simoncelli

Keywords Paper

deep learning

0

0

0

0

15:08

14/06/2020

Regularizing CNN Transfer Learning With Randomised Regression

Yang Zhong, Atsuto Maki

Keywords Paper

transfer learning, network regularization, randomised regression, pseudo task regularization, limited samples

0

0

0

0

0:58

02/02/2021

Improving Adversarial Robustness via Probabilistically Compact Loss with Logit Constraints

Xin Li, Xiangrui Li, Deng Pan, Dongxiao Zhu

Keywords Paper

0

0

0

0

16:06

14/06/2020

When to Use Convolutional Neural Networks for Inverse Problems

Nathaniel Chodosh, Simon Lucey

Keywords Paper

optimization, sparse coding, inverse problems, trajectory reconstruction, artifact removal

0

0

0

0

1:02

12/07/2020

Channel Equilibrium Networks for Learning Deep Representation

Wenqi Shao, Shitao Tang, Xingang Pan and
Ping Tan, Xiaogang Wang, Ping Luo

Keywords Paper

Deep Learning - General

0

0

0

0

15:17

02/02/2021

Looking Wider for Better Adaptive Representation in Few-Shot Learning

Jiabao Zhao, Yifan Yang, Xin Lin and
Jing Yang, Liang He

Keywords Paper

0

0

0

0

16:58

02/02/2021

Near Lossless Transfer Learning for Spiking Neural Networks

Zhanglu Yan, Jun Zhou, Weng-Fai Wong

Keywords Paper

0

0

0

0

16:34

03/05/2021

Stabilized Medical Image Attacks

Gege Qi, Lijun GONG, Yibing Song and
Kai Ma, Yefeng Zheng

Keywords Paper

Healthcare, Biometrics

0

0

0

0

9:10

22/11/2021

Adversarial Robustness Comparison of Vision Transformer and MLP-Mixer to CNNs

Philipp Benz, Soomin Ham, Chaoning Zhang and
Adil Karjauv, In So Kweon

Keywords Paper

Adversarial Examples, Adversarial Perturbation, Adversarial Robustness, Robustness, Adversarial Transferability, Vision Transformers, ViT, MLP-Mixer, CNN

1

0

0

1

3:17

06/12/2021

FL-WBC: Enhancing Robustness against Model Poisoning Attacks in Federated Learning from a Client Perspective

Jingwei Sun, Ang Li, Louis DiValentin and
Amin Hassanzadeh, Yiran Chen, Hai Li

Keywords Paper

robustness, federated learning

0

0

0

0

12:30

03/05/2021

Stochastic Security: Adversarial Defense Using Long-Run Dynamics of Energy-Based Models

Mitch Hill, Jonathan Mitchell, Song-Chun Zhu

Keywords Paper

energy-based model, adversarial defense, adversarial attack, Langevin sampling, Markov chain Monte Carlo, adversarial robustness

0

0

0

0

4:51

02/02/2021

Invertible Concept-based Explanations for CNN Models with Non-negative Concept Activation Vectors

Ruihan Zhang, Prashan Madumal, Tim Miller and
Krista A. Ehinger, Benjamin I. P. Rubinstein

Keywords Paper

0

0

0

0

17:28

05/01/2021

Group Softmax Loss With Discriminative Feature Grouping

Takumi Kobayashi

Keywords Paper

0

0

0

0

4:49

06/12/2021

Adversarial Feature Desensitization

Pouya Bashivan, Reza Bayat, Adam Ibrahim and
Kartik Ahuja, Mojtaba Faramarzi, Touraj Laleh, Blake Richards, Irina Rish

Keywords Paper

deep learning, robustness, adversarial robustness and security, domain adaptation

0

0

0

0

13:27

26/04/2020

Robust Local Features for Improving the Generalization of Adversarial Training

Chuanbiao Song, Kun He, Jiadong Lin and
Liwei Wang, John E. Hopcroft

Keywords Paper

adversarial robustness, adversarial training, adversarial example, deep learning

0

0

0

0

4:01

14/06/2020

One Man’s Trash Is Another Man’s Treasure: Resisting Adversarial Examples by Adversarial Examples

Chang Xiao, Changxi Zheng

Keywords Paper

adversarial defense, adversarial examples, adversarial learning, deep learning

0

0

0

0

1:01

14/06/2020

Deep Degradation Prior for Low-Quality Image Classification

Yang Wang, Yang Cao, Zheng-Jun Zha and
Jing Zhang, Zhiwei Xiong

Keywords Paper

low quality image classification, degraded image recognition, deep degradation prior, without semantic supervision, non classical receptive field

0

0

0

0

4:56

14/06/2020

Erasing Integrated Learning: A Simple Yet Effective Approach for Weakly Supervised Object Localization

Jinjie Mai, Meng Yang, Wenfeng Luo

Keywords Paper

weakly supervised, object localization, adversarial erasing

0

0

0

0

5:00

14/06/2020

ECA-Net: Efficient Channel Attention for Deep Convolutional Neural Networks

Qilong Wang, Banggu Wu, Pengfei Zhu and
Peihua Li, Wangmeng Zuo, Qinghua Hu

Keywords Paper

channel attention, efficient, adaptive 1d convolution, deep cnns, image classifcation, object detection, instance segmentation

0

0

0

0

0:57

26/04/2020

Enhancing Transformation-Based Defenses Against Adversarial Attacks with a Distribution Classifier

Connie Kou, Hwee Kuan Lee, Ee-Chien Chang, Teck Khim Ng

Keywords Paper

adversarial attack, transformation defenses, distribution classifier

0

0

0

0

4:19

05/01/2021

Hierarchical Generative Adversarial Networks for Single Image Super-Resolution

Weimin Chen, Yuqing Ma, Xianglong Liu, Yi Yuan

Keywords Paper

0

0

0

0

4:46

06/12/2021

Do Wider Neural Networks Really Help Adversarial Robustness?

Boxi Wu, Jinghui Chen, Deng Cai and
Xiaofei He, Quanquan Gu

Keywords Paper

deep learning, robustness, adversarial robustness and security

0

0

0

0

12:23

06/12/2020

Group Knowledge Transfer: Federated Learning of Large CNNs at the Edge

Chaoyang He, Murali Annavaram, Salman Avestimehr

Keywords Paper

0

0

0

0

3:17

03/05/2021

Improving Adversarial Robustness via Channel-wise Activation Suppressing

Yang Bai, Yuyuan Zeng, Yong Jiang and
Shu-Tao Xia, Daniel Ma, Yisen Wang

Keywords Paper

channel suppressing, Adversarial robustness, activation strategy.

0

0

0

0

15:53

03/05/2021

FedBN: Federated Learning on Non-IID Features via Local Batch Normalization

Xiaoxiao Li, Meirui Jiang, Xiaofei Zhang and
Michael Kamp, Qi Dou

Keywords Paper

Batch Normalization, Non-IID, Federated Learning

0

0

0

0

5:11

07/09/2020

Transferring Pretrained Networks to Small Data via Category Decorrelation

Ying Jin, Zhangjie Cao, Mingsheng Long, Jianmin Wang

Keywords Paper

Category Decorrelation, Under Transfer

1

1

0

0

8:39

02/02/2021

Frequency Consistent Adaptation for Real World Super Resolution

Xiaozhong Ji, Guangpin Tao, Yun Cao and
Ying Tai, Tong Lu, Chengjie Wang, Jilin Li, Feiyue Huang

Keywords Paper

0

0

0

0

14:32

22/11/2021

Lightweight HDR Camera ISP for Robust Perception in Dynamic Illumination Conditions via Fourier Adversarial Networks

Pranjay Shyam, Sandeep Singh Sengar, Kuk-Jin Yoon, Kyung-Soo Kim

Keywords Paper

Low Light Image Enhancement, High Dynamic Range Image Signal Processing, Fourier Adversarial Networks

0

0

0

0

2:52

22/11/2021

Rethinking Token-Mixing MLP for MLP-based Vision Backbone

Tan Yu, XU LI, Yunfeng Cai and
Mingming Sun, Ping Li

Keywords Paper

vision backbone, MLP, image recognition

0

0

0

0

1:59

06/12/2020

Dual Manifold Adversarial Robustness: Defense against Lp and non-Lp Adversarial Attacks

Wei-An Lin, Chun Pong Lau, Alexander Levine and
Rama Chellappa, Soheil Feizi

Keywords Paper

0

0

0

0

3:24

02/02/2021

Addressing Class Imbalance in Federated Learning

Lixu Wang, Shichao Xu, Xiao Wang, Qi Zhu

Keywords Paper

0

0

0

0

18:15

03/05/2021

A Panda? No, It's a Sloth: Slowdown Attacks on Adaptive Multi-Exit Neural Network Inference

Sanghyun Hong, Yigitcan Kaya, Ionut-Vlad Modoranu, Tudor Dumitras

Keywords Paper

efficient inference, adversarial examples, input-adaptive multi-exit neural networks, Slowdown attacks

0

0

0

0

10:24

14/06/2020

Deep Facial Non-Rigid Multi-View Stereo

Ziqian Bai, Zhaopeng Cui, Jamal Ahmed Rahim and
Xiaoming Liu, Ping Tan

Keywords Paper

multi-view 3d, non-rigid reconstruction, face reconstruction, deep learning

0

0

0

0

1:01