2021 IEEE International Conference on Image Processing
19-22 September 2021 • Anchorage, Alaska, USA
Imaging Without Borders
| Paper ID | MLR-APPL-IP-5.11 | ||
| Paper Title | SQUEEZE AND RECONSTRUCT: IMPROVED PRACTICAL ADVERSARIAL DEFENSE USING PAIRED IMAGE COMPRESSION AND RECONSTRUCTION | ||
| Authors | Bo-Han Kung, Pin-Chun Chen, Yu-Cheng Liu, Jun-Cheng Chen, Research Center for Information Technology Innovation, Academia Sinica, Taiwan | ||
| Session | MLR-APPL-IP-5: Machine learning for image processing 5 | ||
| Location | Area E | ||
| Session Time: | Tuesday, 21 September, 13:30 - 15:00 | ||
| Presentation Time: | Tuesday, 21 September, 13:30 - 15:00 | ||
| Presentation | Poster | ||
| Topic | Applications of Machine Learning: Machine learning for image processing | ||
| IEEE Xplore Open Preview | Click here to view in IEEE Xplore | ||
| Abstract | As shown in the previous literature, non-robust features of an image such as texture are both the secrets why deep neural networks achieve outstanding classification performance and the sources of adversarial examples. Image compression methods such as JPEG can be used to effectively defend against diverse adversarial attacks by eliminating these non-robust features in the pre-processing stage while significantly sacrificing clean accuracy. To address this issue, we present a squeeze-and-reconstruct framework which first performs image compression followed by image reconstruction to recover necessary details for the improved clean and robust accuracies. With extensive experiments on the challenging ImageNet dataset, the evaluation results demonstrate the effectiveness of the proposed method to defend against the Fast Gradient Sign Method and the powerful Projected Gradient Descent attacks in the white-box scenarios. In addition, the proposed approach also outperforms other common and off-the-shelf defense models in terms of both clean and robust accuracies. | ||