Advances in adversarial attacks and defenses in computer vision: A survey

Akhtar, Naveed; Mian, Ajmal; Kardan, Navid; Shah, Mubarak

doi:10.48550/arxiv.2108.00401

Cited by 7 publications

(10 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This indicates an increasing interest of the research community in this direction. This trend is inline with the literature in a closely related research direction of adversarial attacks on deep learning [108]. We conjecture that this ever increasing research activity in these directions is a natural consequence of awareness of vulnerabilities of deep learning in adversarial setups.…”

Section: Discussion and Future Outlooksupporting

confidence: 69%

“…Hence, there is still considerable opportunity to explore new sub-topics in this direction. A guide to such an exploration is provided by the sister problem of adversarial attacks on deep learning [108]. The discovery of adversarial attacks was made in 2013 -a few year earlier than identification of neural Trojans.…”

Section: Discussion and Future Outlookmentioning

confidence: 99%

“…It is often mentioned in the literature that such defenses can be broken with the help of adaptive strategies [104], [105]. Hence, similar to the certified defenses for adversarial examples [108], researchers have also started investigating such defenses for Trojan attacks. For instance, Wang et al [94] proposed a random smoothing technique that adds random noise to the sample to ensure the robustness of the resulting model against the adaptive attacks.…”

Section: G Certified Trojan Defensesmentioning

confidence: 99%

“…As compared to [3] and [4], we also review the very recent developments and provide the outlook of a more matured research area. Moreover, we also tap into our experience in adversarial machine learning [108], [110] to draw insights from that parallel research direction to guide the literature in Trojan attacks. Our literature review also covers both aspects of Trojan attacks and defenses.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Survey of Neural Trojan Attacks and Defenses in Deep Learning

Wang¹,

Hassan²,

Akhtar³

2022

Preprint

Self Cite

View full text Add to dashboard Cite

Artificial Intelligence (AI) relies heavily on deep learning -a technology that is becoming increasingly popular in real-life applications of AI, even in the safety-critical and high-risk domains. However, it is recently discovered that deep learning can be manipulated by embedding Trojans inside it. Unfortunately, pragmatic solutions to circumvent the computational requirements of deep learning, e.g. outsourcing model training or data annotation to third parties, further add to model susceptibility to the Trojan attacks. Due to the key importance of the topic in deep learning, recent literature has seen many contributions in this direction. We conduct a comprehensive review of the techniques that devise Trojan attacks for deep learning and explore their defenses. Our informative survey systematically organizes the recent literature and discusses the key concepts of the methods while assuming minimal knowledge of the domain on the readers part. It provides a comprehensible gateway to the broader community to understand the recent developments in Neural Trojans.

show abstract

Section: Discussion and Future Outlooksupporting

confidence: 69%

Section: Discussion and Future Outlookmentioning

confidence: 99%

Section: G Certified Trojan Defensesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Survey of Neural Trojan Attacks and Defenses in Deep Learning

Wang¹,

Hassan²,

Akhtar³

2022

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Deep Neural Networks (DNNs) have showcased their superior performance in visual understanding tasks like image classification and video recognition [10]. Adversarial attacks could impact both image and video elements of data, causing the machine learning model to make an inaccurate prediction with a high level of confidence [11]. Commonly, a majority of the attacks in the healthcare domain target medical imaging data (e.g., X-rays, CT scans, radiographs, MRI's, etc.)…”

Section: Introductionmentioning

confidence: 99%

Addressing Adversarial Machine Learning Attacks in Smart Healthcare Perspectives

Arawinkumaar¹,

Pal²,

Jadidi³

2021

Preprint

View full text Add to dashboard Cite

Smart healthcare systems are gaining popularity with the rapid development of intelligent sensors, the Internet of Things (IoT) applications and services, and wireless communications. However, at the same time, several vulnerabilities and adversarial attacks make it challenging for a safe and secure smart healthcare system from a security point of view. Machine learning has been used widely to develop suitable models to predict and mitigate attacks. Still, the attacks could trick the machine learning models and misclassify outputs generated by the model. As a result, it leads to incorrect decisions, for example, false disease detection and wrong treatment plans for patients. In this paper, we address the type of adversarial attacks and their impact on smart healthcare systems. We propose a model to examine how adversarial attacks impact machine learning classifiers. To test the model, we use a medical image dataset. Our model can classify medical images with high accuracy. We then attacked the model with a Fast Gradient Method Sign attack (FGSM) to cause the model to predict the images and misclassify them inaccurately. Using transfer learning, we train a VGG-19 model with the medical dataset and later implement the FGSM to the Convolutional Neural Network (CNN) to examine the significant impact it causes on the performance and accuracy of the machine learning model. Our results demonstrate that the adversarial attack misclassifies the images, causing the model's accuracy rate to drop from 88% to 11%.

show abstract