An ensemble filtering adversarial defense approach based on data augmentation
Deep neural networks (DNNs) have strong expressive power and can learn high-level, abstract representations from massive heterogeneous data. However, DNNs are susceptible to adversarial sample attacks, which poses serious security threats to their applications. This paper proposes an integrated adversarial defense approach based on data augmentation to address the shortcomings of existing defense methods, which are only applicable to specific attack algorithms and require a large number of original adversarial samples. First, data augmentation methods are used to expand the volume and diversity of adversarial samples, which addresses the drawback of requiring a large number of adversarial samples. Next, multiple image filtering methods are integrated to perform input transformation on adversarial samples, achieving universal defense effectiveness. The experiments are based on the MNIST and CIFAR-10 datasets, and the experimental results demonstrate the effectiveness of the proposed method.
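The two steps named in the abstract, sketched as an added example that is not the paper's code: a small adversarial sample is augmented into variants, and each variant is passed through several image filters before classification. The filter set (3x3 median, mean and Gaussian), the majority vote, the flip/shift augmentations and the brightest-pixel classifier are assumptions chosen for illustration; the abstract does not specify them.

```python
# Added illustration (not the paper's code). Filters, vote rule, augmentations
# and the toy classifier are assumptions made for this sketch.
from collections import Counter
from statistics import mean, median

def gauss3(win):
    """3x3 Gaussian-weighted average of a 9-value window."""
    return sum(w * v for w, v in zip((1, 2, 1, 2, 4, 2, 1, 2, 1), win)) / 16

def filt(img, reducer):
    """Apply a 3x3 filter with edge replication to a 2-D list of floats."""
    h, w = len(img), len(img[0])
    return [[reducer([img[min(max(r + dr, 0), h - 1)][min(max(c + dc, 0), w - 1)]
                      for dr in (-1, 0, 1) for dc in (-1, 0, 1)])
             for c in range(w)] for r in range(h)]

FILTERS = (median, mean, gauss3)

def ensemble_predict(img, classify):
    """Classify each filtered copy of the input and return the majority label."""
    votes = Counter(classify(filt(img, f)) for f in FILTERS)
    return votes.most_common(1)[0][0]

def augment(img):
    """Label-preserving variants of one sample: vertical flip and row shifts."""
    return [img, img[::-1], img[1:] + img[:1], img[2:] + img[:2]]

def fragile_classify(img):
    """Constructed stand-in for a brittle model: side holding the brightest pixel."""
    best = max((v, -c) for row in img for c, v in enumerate(row))
    return 0 if -best[1] < len(img[0]) // 2 else 1

def make_samples():
    """Constructed 6x6 image (label 0) and a one-pixel adversarial copy."""
    clean = [[0.8] * 3 + [0.2] * 3 for _ in range(6)]
    adv = [row[:] for row in clean]
    adv[2][4] = 1.0  # single perturbed pixel flips the brittle classifier
    return clean, adv
```

On the constructed sample, the unfiltered classifier is flipped by the perturbed pixel in every augmented variant, while the filtered ensemble returns the original label.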