Deep learning models are vulnerable to adversarial examples in image classification tasks. This paper proposes a cluster-based method for defending against adversarial examples. Before it is presented to the classifier, each adversarial example is reconstructed by a clustering algorithm according to its pixel values. The MNIST database of handwritten digits was used to assess the defence performance of the method under the fast gradient sign method (FGSM) and the DeepFool algorithm. The proposed defence model is simple, and the trained classifier does not need to be retrained.
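The preprocessing step the abstract describes, as an added example that is not code from the paper: every pixel is replaced by the centroid of its intensity cluster before the unchanged classifier sees the image. The abstract names neither the clustering algorithm nor the number of clusters, so k-means with k=2 is an assumption, as are the constructed 6x6 image and the checkerboard ±eps perturbation standing in for FGSM.

```python
def kmeans_1d(values, k=2, iters=50):
    """Lloyd's algorithm on scalar pixel intensities; returns k centroids."""
    lo, hi = min(values), max(values)
    # Deterministic start: centroids spread evenly over the observed range.
    cents = [lo + (hi - lo) * (i + 0.5) / k for i in range(k)]
    for _ in range(iters):
        buckets = [[] for _ in range(k)]
        for v in values:
            buckets[min(range(k), key=lambda j: abs(v - cents[j]))].append(v)
        new = [sum(b) / len(b) if b else cents[j] for j, b in enumerate(buckets)]
        if new == cents:
            break
        cents = new
    return cents

def reconstruct(image, k=2):
    """Replace every pixel with the centroid of its intensity cluster."""
    cents = kmeans_1d([p for row in image for p in row], k)
    return [[min(cents, key=lambda c: abs(p - c)) for p in row] for row in image]

def sign_perturb(image, eps):
    """Constructed stand-in for an FGSM step: +/- eps per pixel, clipped to [0, 1].
    Real FGSM takes the sign from the loss gradient; a checkerboard is used here."""
    return [[min(1.0, max(0.0, p + (eps if (r + c) % 2 == 0 else -eps)))
             for c, p in enumerate(row)] for r, row in enumerate(image)]

def max_diff(a, b):
    """Largest per-pixel absolute difference between two images."""
    return max(abs(x - y) for ra, rb in zip(a, b) for x, y in zip(ra, rb))

def binarize(image):
    """Threshold at 0.5, to compare the stroke shape with the clean image."""
    return [[1.0 if p >= 0.5 else 0.0 for p in row] for row in image]

# Constructed 6x6 MNIST-like image: a bright vertical stroke on a dark background.
CLEAN = [[1.0 if c in (2, 3) else 0.0 for c in range(6)] for _ in range(6)]
ADV = sign_perturb(CLEAN, eps=0.2)
DEFENDED = reconstruct(ADV)  # this, not ADV, is what the unchanged classifier sees

if __name__ == "__main__":
    print("levels in ADV:     ", sorted({p for row in ADV for p in row}))
    print("levels in DEFENDED:", sorted({p for row in DEFENDED for p in row}))
    print("max |ADV - CLEAN|      =", max_diff(ADV, CLEAN))
    print("max |DEFENDED - CLEAN| =", round(max_diff(DEFENDED, CLEAN), 3))
```

In this constructed case the reconstruction collapses the per-pixel sign pattern into two flat intensity levels, but a uniform offset of about half of eps remains because clipping skews each cluster's mean.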
Zheng, Y., Yun, H., Wang, F., Ding, Y., Huang, Y., & Liu, W. (2019). Defence Against Adversarial Attacks Using Clustering Algorithm. In Communications in Computer and Information Science (Vol. 1058, pp. 323–333). Springer Verlag. https://doi.org/10.1007/978-981-15-0118-0_25