Bader Rasheed
Multiple adversarial domains adaptation approach for mitigating adversarial attacks effects
Rasheed, Bader; Khan, Adil; Ahmad, Muhammad; Mazzara, Manuel; Kazmi, S. M.Ahsan
Authors
Adil Khan
Muhammad Ahmad
Manuel Mazzara
Ahsan Kazmi Ahsan.Kazmi@uwe.ac.uk
Senior Lecturer in Data Science
Abstract
Although neural networks are near achieving performance similar to humans in many tasks, they are susceptible to adversarial attacks in the form of a small, intentionally designed perturbation, which could lead to misclassifications. The best defense against these attacks, so far, is adversarial training (AT), which improves a model's robustness by augmenting the training data with adversarial examples. However, AT usually decreases the model's accuracy on clean samples and could overfit to a specific attack, inhibiting its ability to generalize to new attacks. In this paper, we investigate the usage of domain adaptation to enhance AT's performance. We propose a novel multiple adversarial domain adaptation (MADA) method, which looks at this problem as a domain adaptation task to discover robust features. Specifically, we use adversarial learning to learn features that are domain-invariant between multiple adversarial domains and the clean domain. We evaluated MADA on MNIST and CIFAR-10 datasets with multiple adversarial attacks during training and testing. The results of our experiments show that MADA is superior to AT on adversarial samples by about 4% on average and on clean samples by about 1% on average.
Journal Article Type | Article |
---|---|
Acceptance Date | Sep 19, 2022 |
Publication Date | Oct 10, 2022 |
Deposit Date | Nov 9, 2022 |
Publicly Available Date | Nov 9, 2022 |
Journal | International Transactions on Electrical Energy Systems |
Electronic ISSN | 2050-7038 |
Publisher | Wiley |
Peer Reviewed | Peer Reviewed |
Volume | 2022 |
Article Number | 2890761 |
Pages | 1-11 |
DOI | https://doi.org/10.1155/2022/2890761 |
Keywords | Electrical and Electronic Engineering, Energy Engineering and Power Technology, Modeling and Simulation |
Public URL | https://uwe-repository.worktribe.com/output/10104175 |
Publisher URL | https://www.hindawi.com/journals/itees/2022/2890761/ |
Additional Information | Previously reported datasets were used to support this study and are available at DOI: 10.1109/MSP.2012.2211477 and DOI: 10.1.1.222.9220. These prior studies and datasets are cited at relevant places within the text as references [28, 29] |
Files
Multiple adversarial domains adaptation approach for mitigating adversarial attacks effects
(1.4 Mb)
PDF
Licence
http://creativecommons.org/licenses/by/4.0/
Publisher Licence URL
http://creativecommons.org/licenses/by/4.0/