TENET: a new hybrid network architecture for adversarial defense

dc.authorid: 0000-0002-6214-6262
dc.authorid: 0000-0002-2434-9966
dc.authorid: 0000-0003-0298-0690
dc.contributor.author: Tuna, Ömer Faruk
dc.contributor.author: Çatak, Ferhat Özgür
dc.contributor.author: Eskil, Mustafa Taner
dc.date.accessioned: 2023-03-27T07:25:00Z
dc.date.available: 2023-03-27T07:25:00Z
dc.date.issued: 2023-08
dc.department: Işık University, Faculty of Engineering and Natural Sciences, Department of Computer Engineering
dc.description: This work was supported by The Scientific and Technological Research Council of Turkey (TUBITAK) through the 1515 Frontier Research and Development Laboratories Support Program under Project 5169902, and has been partly funded by the European Union’s Horizon Europe research and innovation programme and Smart Networks and Services Joint Undertaking (SNS JU) under Grant Agreement No: 101096034 (VERGE Project).
dc.description.abstract: Deep neural network (DNN) models are widely renowned for their resistance to random perturbations. However, researchers have found out that these models are indeed extremely vulnerable to deliberately crafted and seemingly imperceptible perturbations of the input, referred to as adversarial examples. Adversarial attacks have the potential to substantially compromise the security of DNN-powered systems and pose high risks, especially in areas where security is a top priority. Numerous studies have been conducted in recent years to defend against these attacks and to develop more robust architectures resistant to adversarial threats. In this study, we propose a new architecture and enhance a recently proposed technique by which we can restore adversarial samples back to their original class manifold. We leverage several uncertainty metrics obtained from Monte Carlo dropout (MC Dropout) estimates of the model together with the model’s own loss function and combine them with the defensive distillation technique to defend against these attacks. We have experimentally evaluated and verified the efficacy of our approach on MNIST (Digit), MNIST (Fashion) and CIFAR10 datasets. In our experiments, we showed that our proposed method reduces the attack’s success rate to lower than 5% without compromising clean accuracy.
dc.description.sponsorship: 1515 Frontier Research and Development Laboratories Support Program
dc.description.sponsorship: European Union’s Horizon Europe research and innovation programme
dc.description.sponsorship: Türkiye Bilimsel ve Teknolojik Araştırma Kurumu
dc.description.version: Publisher's Version
dc.identifier.citation: Tuna, Ö. F., Çatak, F. Ö. & Eskil, M. T. (2023). TENET: a new hybrid network architecture for adversarial defense. International Journal of Information Security, 22(4), 987-1004. doi:10.1007/s10207-023-00675-1
dc.identifier.doi: 10.1007/s10207-023-00675-1
dc.identifier.endpage: 1004
dc.identifier.issn: 1615-5262
dc.identifier.issn: 1615-5270
dc.identifier.issue: 4
dc.identifier.scopus: 2-s2.0-85150178910
dc.identifier.scopusquality: Q1
dc.identifier.startpage: 987
dc.identifier.uri: https://hdl.handle.net/11729/5444
dc.identifier.uri: http://dx.doi.org/10.1007/s10207-023-00675-1
dc.identifier.volume: 22
dc.identifier.wos: WOS:000952164000001
dc.identifier.wosquality: Q2
dc.indekslendigikaynak: Web of Science
dc.indekslendigikaynak: Scopus
dc.indekslendigikaynak: Science Citation Index Expanded (SCI-EXPANDED)
dc.institutionauthor: Eskil, Mustafa Taner
dc.institutionauthorid: 0000-0003-0298-0690
dc.language.iso: en
dc.peerreviewed: Yes
dc.publicationstatus: Published
dc.publisher: Springer Science and Business Media Deutschland GmbH
dc.relation.ispartof: International Journal of Information Security
dc.relation.publicationcategory: Article - International Peer-Reviewed Journal - Institutional Faculty Member
dc.rights: info:eu-repo/semantics/closedAccess
dc.subject: Adversarial machine learning
dc.subject: Model uncertainty
dc.subject: Monte Carlo dropout sampling
dc.subject: Robustness
dc.subject: Distillation
dc.subject: Monte Carlo methods
dc.subject: Network architecture
dc.subject: Uncertainty analysis
dc.subject: Hybrid network
dc.subject: Loss functions
dc.subject: Machine-learning
dc.subject: Modeling uncertainties
dc.subject: Neural network model
dc.subject: Random perturbations
dc.subject: Uncertainty
dc.subject: Deep neural networks
dc.title: TENET: a new hybrid network architecture for adversarial defense
dc.type: Article

Files

Original bundle
Name: TENET_a_new_hybrid_network_architecture_for_adversarial_defense.pdf
Size: 1.52 MB
Format: Adobe Portable Document Format
Description: Publisher's Version