Multi-head Uncertainty Inference for Adversarial Attack Detection
Deep neural networks (DNNs) are sensitive and susceptible to tiny perturbation by adversarial attacks which causes erroneous predictions. Various methods, including adversarial defense and uncertainty inference (UI), have been developed in recent years to overcome the adversarial attacks. In this pa...
Saved in:
| Published in | arXiv.org |
|---|---|
| Main Authors | , , , , , |
| Format | Paper |
| Language | English |
| Published |
Ithaca
Cornell University Library, arXiv.org
20.12.2022
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | Deep neural networks (DNNs) are sensitive and susceptible to tiny perturbation by adversarial attacks which causes erroneous predictions. Various methods, including adversarial defense and uncertainty inference (UI), have been developed in recent years to overcome the adversarial attacks. In this paper, we propose a multi-head uncertainty inference (MH-UI) framework for detecting adversarial attack examples. We adopt a multi-head architecture with multiple prediction heads (i.e., classifiers) to obtain predictions from different depths in the DNNs and introduce shallow information for the UI. Using independent heads at different depths, the normalized predictions are assumed to follow the same Dirichlet distribution, and we estimate distribution parameter of it by moment matching. Cognitive uncertainty brought by the adversarial attacks will be reflected and amplified on the distribution. Experimental results show that the proposed MH-UI framework can outperform all the referred UI methods in the adversarial attack detection task with different settings. |
|---|---|
| AbstractList | Deep neural networks (DNNs) are sensitive and susceptible to tiny perturbation by adversarial attacks which causes erroneous predictions. Various methods, including adversarial defense and uncertainty inference (UI), have been developed in recent years to overcome the adversarial attacks. In this paper, we propose a multi-head uncertainty inference (MH-UI) framework for detecting adversarial attack examples. We adopt a multi-head architecture with multiple prediction heads (i.e., classifiers) to obtain predictions from different depths in the DNNs and introduce shallow information for the UI. Using independent heads at different depths, the normalized predictions are assumed to follow the same Dirichlet distribution, and we estimate distribution parameter of it by moment matching. Cognitive uncertainty brought by the adversarial attacks will be reflected and amplified on the distribution. Experimental results show that the proposed MH-UI framework can outperform all the referred UI methods in the adversarial attack detection task with different settings. |
| Author | Zhang, Ke Yang, Yuqi Jiyang Xie Zhongwei Si Liang, Kongming Yang, Songyun Guo, Kai |
| Author_xml | – sequence: 1 givenname: Yuqi surname: Yang fullname: Yang, Yuqi – sequence: 2 givenname: Songyun surname: Yang fullname: Yang, Songyun – sequence: 3 fullname: Jiyang Xie Zhongwei Si – sequence: 4 givenname: Kai surname: Guo fullname: Guo, Kai – sequence: 5 givenname: Ke surname: Zhang fullname: Zhang, Ke – sequence: 6 givenname: Kongming surname: Liang fullname: Liang, Kongming |
| BookMark | eNqNiksKwjAUAIMoWLV3CLguxKRp3RY_6MKdrktIXzG1JPryKnh7u_AArgZmZsGmPniYsEQqtcm2uZRzlsbYCSFkUUqtVcKqy9CTy-5gGn7zFpCM8_ThZ98Cwih4G5BXzRswGnSm5xWRsQ--BwJLLvgVm7Wmj5D-uGTr4-G6O2VPDK8BItVdGNCPqZalLnSuVC7Uf9cXx6g7LQ |
| ContentType | Paper |
| Copyright | 2022. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: 2022. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | 8FE 8FG ABJCF ABUWG AFKRA AZQEC BENPR BGLVJ CCPQU DWQXO HCIFZ L6V M7S PIMPY PQEST PQQKQ PQUKI PRINS PTHSS |
| DatabaseName | ProQuest SciTech Collection ProQuest Technology Collection Materials Science & Engineering Collection ProQuest Central (Alumni) ProQuest Central ProQuest Central Essentials AUTh Library subscriptions: ProQuest Central Technology Collection ProQuest One Community College ProQuest Central SciTech Premium Collection (Proquest) (PQ_SDU_P3) ProQuest Engineering Collection ProQuest Engineering Database ProQuest - Publicly Available Content Database ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Academic ProQuest One Academic UKI Edition ProQuest Central China Engineering Collection |
| DatabaseTitle | Publicly Available Content Database Engineering Database Technology Collection ProQuest Central Essentials ProQuest One Academic Eastern Edition ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central China ProQuest Central ProQuest Engineering Collection ProQuest One Academic UKI Edition ProQuest Central Korea Materials Science & Engineering Collection ProQuest One Academic Engineering Collection |
| DatabaseTitleList | Publicly Available Content Database |
| Database_xml | – sequence: 1 dbid: 8FG name: ProQuest Technology Collection url: https://search.proquest.com/technologycollection1 sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Physics |
| EISSN | 2331-8422 |
| Genre | Working Paper/Pre-Print |
| GroupedDBID | 8FE 8FG ABJCF ABUWG AFKRA ALMA_UNASSIGNED_HOLDINGS AZQEC BENPR BGLVJ CCPQU DWQXO FRJ HCIFZ L6V M7S M~E PIMPY PQEST PQQKQ PQUKI PRINS PTHSS |
| ID | FETCH-proquest_journals_27565433403 |
| IEDL.DBID | BENPR |
| IngestDate | Thu Oct 10 20:07:38 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-proquest_journals_27565433403 |
| OpenAccessLink | https://www.proquest.com/docview/2756543340?pq-origsite=%requestingapplication% |
| PQID | 2756543340 |
| PQPubID | 2050157 |
| ParticipantIDs | proquest_journals_2756543340 |
| PublicationCentury | 2000 |
| PublicationDate | 20221220 |
| PublicationDateYYYYMMDD | 2022-12-20 |
| PublicationDate_xml | – month: 12 year: 2022 text: 20221220 day: 20 |
| PublicationDecade | 2020 |
| PublicationPlace | Ithaca |
| PublicationPlace_xml | – name: Ithaca |
| PublicationTitle | arXiv.org |
| PublicationYear | 2022 |
| Publisher | Cornell University Library, arXiv.org |
| Publisher_xml | – name: Cornell University Library, arXiv.org |
| SSID | ssj0002672553 |
| Score | 3.4372983 |
| SecondaryResourceType | preprint |
| Snippet | Deep neural networks (DNNs) are sensitive and susceptible to tiny perturbation by adversarial attacks which causes erroneous predictions. Various methods,... |
| SourceID | proquest |
| SourceType | Aggregation Database |
| SubjectTerms | Artificial neural networks Dirichlet problem Inference Perturbation Uncertainty |
| Title | Multi-head Uncertainty Inference for Adversarial Attack Detection |
| URI | https://www.proquest.com/docview/2756543340 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3NS8MwFH-4FsHb_ELdHAG9BtM0bdqTTG2dwsYQB7uNNEkvwpxrPHjxbzcJrR6EHUMgIY-X9_l77wFc1zWlMlMEc805Ztq1vE1qia1tTEmqa06UcxSns3SyYM_LZNkG3JoWVtnJRC-o1bt0MfIb16Y8YXHMyO3mA7upUS672o7Q6EFIradAAgjvitn85TfKQlNubeb4n6D12qPsQzgXG709hD29PoJ9D7qUzTGMffUrtuJQoYUlvk_Omy_01BXhIWtRIj8yuRGOUdDYGCHf0IM2HkG1PoGrsni9n-Du3lXLG83q7yXxKQTWyddngCjJK6GSmuVEsarSIlKcS6lVluZJLqNzGO466WL39gAOqIPtR9T-iiEEZvupL60yNdUIeln5OGrpZlfT7-IHwh9_ow |
| link.rule.ids | 783,787,12777,21400,33385,33756,43612,43817 |
| linkProvider | ProQuest |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3NS8MwFH_oiujNT_yYGtBrME3TZj3J1I1OtzJkg91KmqSXwZxrPPjfm4RWD8LOgYQ8Xn7v65f3AO6rilLZUwRzzTlm2rW8jSuJrW9MSaIrTpQLFCd5ks3Z6yJeNAm3uqFVtpjogVp9SJcjf3BtymMWRYw8rj-xmxrlqqvNCI1dCFyrKht8BU-DfPr-m2WhCbc-c_QPaL31GB5CMBVrvTmCHb06hj1PupT1CfT971ds4VChuRW-L86bbzRqP-Eh61EiPzK5Fk5RUN8YIZfoRRvPoFqdwt1wMHvOcHtu0ehGXfzdJDqDjg3y9TkgStJSqLhiKVGsLLUIFedSatVL0jiV4QV0t-10uX35Fvaz2WRcjEf52xUcUEfhD6l9IV3omM2XvraG1ZQ3jfR-AO4RgIY |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Multi-head+Uncertainty+Inference+for+Adversarial+Attack+Detection&rft.jtitle=arXiv.org&rft.au=Yang%2C+Yuqi&rft.au=Yang%2C+Songyun&rft.au=Jiyang+Xie+Zhongwei+Si&rft.au=Guo%2C+Kai&rft.date=2022-12-20&rft.pub=Cornell+University+Library%2C+arXiv.org&rft.eissn=2331-8422 |