| Presentation | 2019-09-24 A Proposal of Detection Method of Adversalial Examples based on Frequency Domain Yuya Kase, Masaomi Kimura, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | We propose a detection method of special data Adversarial Examples that cause misclassification of neural networks. Adversarial Examples are generated by adding a small amount of noise called perturbation to the original data. Especially in the case of images, changes due to perturbation are set so small that it cannot be perceived by the human eye. In previous research, as a result of frequency analysis of the perturbation, it was found that the influence became large around 0Hz and therefore they proposed a application 0Hz cut. In addition, the dataset MNIST for handwritten digit images has no high frequency characteristics and therefore they proposed the application of a low pass filter. However, the photo has characteristics not only low frequency but also high frequency, so it is not appropriate to cut. In this study, we propose a detection method of Adversarial Examples using not only low frequencies but also high frequencies. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Machine Learning / Neural Network / Adversarial Examples / Frequency / Image / Robustness |
| Paper # | SSS2019-20 |
| Date of Issue | 2019-09-17 (SSS) |
| Conference Information | |
| Committee | SSS |
|---|---|
| Conference Date | 2019/9/24(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Makoto Ito(Tsukuba Univ.) |
| Vice Chair | |
| Secretary | (NPO RDA) |
| Assistant | Koh Kawashima(Oriental Motor) / Sei Takahashi(Nihon Univ.) / Masaomi Kimura(Shibaura Inst. of Tech.) |
| Paper Information | |
| Registration To | Technical Committee on Safety |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Proposal of Detection Method of Adversalial Examples based on Frequency Domain |
| Sub Title (in English) | |
| Keyword(1) | Machine Learning |
| Keyword(2) | Neural Network |
| Keyword(3) | Adversarial Examples |
| Keyword(4) | Frequency |
| Keyword(5) | Image |
| Keyword(6) | Robustness |
| 1st Author's Name | Yuya Kase |
| 1st Author's Affiliation | Shibaura Institute of Technology(SIT) |
| 2nd Author's Name | Masaomi Kimura |
| 2nd Author's Affiliation | Shibaura Institute of Technology(SIT) |
| Date | 2019-09-24 |
| Paper # | SSS2019-20 |
| Volume (vol) | vol.119 |
| Number (no) | SSS-210 |
| Page | pp.pp.13-16(SSS), |
| #Pages | 4 |
| Date of Issue | 2019-09-17 (SSS) |