
Discerning the Chaos: Detecting Adversarial Perturbations while Disentangling Intentional from Unintentional Noises

Anubhooti Jain, Susim Roy, Kwanit Gupta, Mayank Vatsa, Richa Singh

TL;DR

This paper introduces CIAI, a Class-Independent Adversarial Intent detection network built on a modified vision transformer with detection layers. It employs a novel loss function combining Maximum Mean Discrepancy and Center Loss to detect both intentional and unintentional noise, regardless of the image class.

Abstract

Deep learning models, such as those used for face recognition and attribute prediction, are susceptible to manipulations like adversarial noise and unintentional noise, including Gaussian and impulse noise. This paper introduces CIAI, a Class-Independent Adversarial Intent detection network built on a modified vision transformer with detection layers. CIAI employs a novel loss function that combines Maximum Mean Discrepancy and Center Loss to detect both intentional (adversarial attacks) and unintentional noise, regardless of the image class. It is trained in a multi-step fashion. We also introduce the aspect of intent during detection that can act as an added layer of security. We further showcase the performance of our proposed detector on CelebA, CelebA-HQ, LFW, AgeDB, and CIFAR-10 datasets. Our detector is able to detect both intentional (like FGSM, PGD, and DeepFool) and unintentional (like Gaussian and Salt & Pepper noises) perturbations.

Paper Structure (21 sections, 10 equations, 6 figures, 5 tables)


Figures (6)

  • Figure 1: Labels affected using intentional (adversarial perturbations) as well as unintentional noises (corruptions).
  • Figure 2: The proposed CIAI detection network (built on the trained classifier). The five image sets are taken from original images, images attacked using two different adversarial attacks, and images modified using two different unintentional noises.
  • Figure 3: t-SNE plot for the proposed CIAI detector trained on the CelebA dataset for gender prediction.
  • Figure 4: t-SNE plot for the proposed CIAI detector trained on the LFW dataset for gender prediction.
  • Figure 5: Attention Maps for the AgeDB dataset. The top row indicates the modified images used in the experiments. The middle row shows the attention maps for the attribute prediction task; the green box indicates the correct classification label, that is, male here, and the red box indicates the incorrect classification label, that is, female. The last row shows attention maps for the detection task to detect intentional and unintentional noises; the green box indicates correct classification in the 3-class setting while red indicates incorrect classification.
  • ...and 1 more figure