| Presentation | 2022-06-16 Adversarial Robustness of Secret Key-Based Defenses against AutoAttack Miki Tanaka, April Pyone MaungMaung, Isao Echizen, Hitoshi Kiya, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Deep neural network (DNN) models are well-known to easily misclassify prediction results by using input images with small perturbations, called adversarial examples, so investigating countermeasures for adversarial examples is an urgent issue. In this paper, the secret key-based defense that we proposed is evaluated in terms of robustness against adversarial examples in accordance with a benchmark attack method, called AutoAttack. In addition, we propose a detection method of adversarial examples to be combined with the secret key-based defense. In an experiment, the secret key-based classification model is confirmed that it is not robust enough against a black box attack, and the combined use of the key-based defense and the proposed detector outperforms the latest benchmark. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Adversarial example / Machine learning / Deep learning / Adversarial detection |
| Paper # | CAS2022-7,VLD2022-7,SIP2022-38,MSS2022-7 |
| Date of Issue | 2022-06-09 (CAS, VLD, SIP, MSS) |
| Conference Information | |
| Committee | CAS / SIP / VLD / MSS |
|---|---|
| Conference Date | 2022/6/16(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Hachinohe Institute of Technology |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Yoshinobu Maeda(Niigata Univ.) / Yukihiro Bandou(NTT) / Kazutoshi Kobayashi(Kyoto Inst. of Tech.) / Atsuo Ozaki(Osaka Inst. of Tech.) |
| Vice Chair | Yasutoshi Aibara(OmniVisionManufacturing) / Toshihisa Tanaka(Tokyo Univ. Agri.&Tech.) / Takayuki Nakachi(Ryukyu Univ.) / Minako Ikeda(NTT) / Shingo Yamaguchi(Yamaguchi Univ.) |
| Secretary | Yasutoshi Aibara(NIT, Toyama college) / Toshihisa Tanaka(Renesas) / Takayuki Nakachi(Xiaomi) / Minako Ikeda(Takushoku Univ.) / Shingo Yamaguchi(Tokyo Univ. Agri.&Tech.) |
| Assistant | Motoi Yamaguchi(TECHNOPRO) / Yohei Nakamura(Hitachi) / Takahide Sato(Univ. of Yamanashi) / Shinji Shimoda(Sony LSI Design) / Shunsuke Koshita(Hachinohe Inst. of Tech.) / Taichi Yoshida(UEC) / Seisuke Kyochi(Univ. of Kitakyushu) / / Masato Shirai(Shimane Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Circuits and Systems / Technical Committee on Signal Processing / Technical Committee on VLSI Design Technologies / Technical Committee on Mathematical Systems Science and its Applications |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Adversarial Robustness of Secret Key-Based Defenses against AutoAttack |
| Sub Title (in English) | |
| Keyword(1) | Adversarial example |
| Keyword(2) | Machine learning |
| Keyword(3) | Deep learning |
| Keyword(4) | Adversarial detection |
| 1st Author's Name | Miki Tanaka |
| 1st Author's Affiliation | Tokyo Metropolitan University(Tokyo Metro Univ.) |
| 2nd Author's Name | April Pyone MaungMaung |
| 2nd Author's Affiliation | Tokyo Metropolitan University(Tokyo Metro Univ.) |
| 3rd Author's Name | Isao Echizen |
| 3rd Author's Affiliation | National Institute of Informatics(NII) |
| 4th Author's Name | Hitoshi Kiya |
| 4th Author's Affiliation | Tokyo Metropolitan University(Tokyo Metro Univ.) |
| Date | 2022-06-16 |
| Paper # | CAS2022-7,VLD2022-7,SIP2022-38,MSS2022-7 |
| Volume (vol) | vol.122 |
| Number (no) | CAS-75,VLD-76,SIP-77,MSS-78 |
| Page | pp.pp.34-39(CAS), pp.34-39(VLD), pp.34-39(SIP), pp.34-39(MSS), |
| #Pages | 6 |
| Date of Issue | 2022-06-09 (CAS, VLD, SIP, MSS) |