% Zheng et al., "Resisting Adversarial Examples via Wavelet Extension and Denoising" (SmartCom 2020).
% The citation key is the exporter's identifier, kept unchanged so existing citations still resolve.
% Conference name and dates are carried in the note field.
@inproceedings{53db5b42136042bb8109e28eb9e8396f,
  author    = {Zheng, Qinkai and Qiu, Han and Zhang, Tianwei and Memmi, Gerard and Qiu, Meikang and Lu, Jialiang},
  title     = {Resisting Adversarial Examples via Wavelet Extension and Denoising},
  editor    = {Qiu, Meikang},
  booktitle = {Smart Computing and Communication - 5th International Conference, SmartCom 2020, Proceedings},
  series    = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  publisher = {Springer Science and Business Media Deutschland GmbH},
  pages     = {204--214},
  year      = {2021},
  month     = jan,
  day       = {1},
  doi       = {10.1007/978-3-030-74717-6\_22},
  isbn      = {9783030747169},
  language  = {English},
  keywords  = {Adversarial examples, Deep Learning, Image denoising, Model robustness, Wavelet transform},
  abstract  = {It is well known that Deep Neural Networks are vulnerable to adversarial examples. An adversary can inject carefully-crafted perturbations on clean input to manipulate the model output. In this paper, we propose a novel method, WED (Wavelet Extension and Denoising), to better resist adversarial examples. Specifically, WED adopts a wavelet transform to extend the input dimension with the image structures and basic elements. This can add significant difficulty for the adversary to calculate effective perturbations. WED further utilizes wavelet denoising to reduce the impact of adversarial perturbations on the model performance. Evaluations show that WED can resist 7 common adversarial attacks under both black-box and white-box scenarios. It outperforms two state-of-the-art wavelet-based approaches for both model accuracy and defense effectiveness.},
  note      = {Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.; 5th International Conference on Smart Computing and Communication, SmartCom 2020 ; Conference date: 29-12-2020 Through 31-12-2020},
}