Conference proceedings

Detecting adversarial example attacks to deep neural networks

Carrara F, Falchi F, Caldelli R, Amato G, Fumarola R, Becarelli R

Proceedings of the 15th International Workshop on Content-Based Multimedia Indexing - CBMI '17, vol. 717 (2017) pp. 1-7 Published by ACM Press



Deep learning has recently become the state of the art in many computer vision applications and in image classification in particular. However, recent works have shown that it is quite easy to create adversarial examples, i.e., images intentionally created or modified to cause the deep neural network to make a mistake. They are like optical illusions for machines, containing changes unnoticeable to the human eye. This represents a serious threat for machine learning methods. In this paper, we investigate the robustness of the representations learned by the fooled neural network, analyzing the activations of its hidden layers. Specifically, we tested scoring approaches used for kNN classification, in order to distinguish between correctly classified authentic images and adversarial examples. The results show that hidden layer activations can be used to detect incorrect classifications caused by adversarial attacks.

Author-supplied keywords

  • Computing methodologies → Neural networks
  • Deep Convolutional Neural Network
  • Adversarial images detection
  • Machine Learning Security



  • Fabio Carrara

  • Fabrizio Falchi

  • Roberto Caldelli

  • Giuseppe Amato

  • Roberta Fumarola

  • Rudy Becarelli
