Disentangling Ensemble Models on Adversarial Generalization in Image Classification

Bibliographic Details
Published in: 2023 5th International Conference on Electronic Engineering and Informatics (EEI), pp. 162-165
Main Authors: Li, Chenwei; Pan, Mengyuan; Yang, Bo; Zhang, Hengwei
Format: Conference Proceeding
Language: English
Published: IEEE, 30.06.2023
Summary: Convolutional neural networks are widely used in computer vision and image processing. However, when manually imperceptible perturbations are added to the original input, these deep network models mostly tend to output incorrect predictions. The vulnerability of these models poses a great threat to intelligent applications, and these manually imperceptible perturbations are called adversarial examples. Current baseline methods have achieved a considerable white-box attack success rate, but the black-box rate remains to be improved. To boost adversarial generalization, the ensemble models method is introduced into the process of generating adversarial examples. This paper proposes multiple ensemble strategies with baseline attack methods, based on the existing ensemble strategy used by former methods. Experiments on the ImageNet dataset empirically verify the optimal ensemble strategy for boosting adversarial generalization.
DOI: 10.1109/EEI59236.2023.10212535