ENHANCES THE ROBUSTNESS OF DEEP LEARNING MODELS USING ROBUST SPARSE PCA TO DENOISE ADVERSARIAL IMAGES

  • Truong Phi Ho, Truong Quang Binh, Nguyen Vinh Quang, Nguyen Nhat Hai, Pham Duy Trung
Keywords: Deep learning; Adversarial examples; Image features; Sparse PCA; Robustness of model

Abstract

Recent years have demonstrated the rapid development of artificial intelligence. Deep learning applications have been widely developed in life such as object recognition, face recognition, automatic vehicle operation, and even medicine, etc. However, these systems contain many risks from adversarial attacks on deep learning models. Attackers often use examples containing small perturbations that are barely perceptible to the naked eye and can fool even deep learning models. Many studies have shown that the creation of adversarial examples largely depends on adding perturbations to clean image. In this paper, the authors propose to use the Sparse Principal Component Analysis (PCA) method to denoise adversarial images. With the experimental results, the authors have demonstrated that the Robust sparse PCA method is effective in selecting and classifying key features of the image to remove unwanted noise present in the input image. The image after denoising has been accurately classified by machine learning model.

điểm /   đánh giá
Published
2023-12-07
Issue
Vol. 228 No. 15 (2023): INFORMATION AND COMMUNICATIONS TECHNOLOGY
Section
INFORMATION AND COMMUNICATIONS TECHNOLOGY