Alleviating adversarial attacks via convolutional autoencoder

To defend computer vision models against adversarial attacks, the conventional approach is to actively incorporate adversarial samples into the training datasets. However, producing adversarial samples manually is painful and labor-intensive. Here we propose a novel generative model, the Convolutional Autoencoder Model, which adds unsupervised adversarial training, i.e., the production of adversarial images from the encoded feature representation, to conventional supervised convolutional neural network training. To accomplish this objective, we first provide a novel statistical understanding of convolutional neural networks that translates convolution and pooling computations equivalently into a hierarchy of encoders and sampling tricks, respectively. Then, we derive our proposed Convolutional Autoencoder Model with ‘adversarial decoders’ to automate the generation of adversarial samples. We validated our proposed Convolutional Autoencoder Model on the MNIST dataset and achieved a clear-cut performance improvement over the normal Convolutional Neural Network.
