Overview of Adversarial Defenses on Image Classification

less than 1 minute read

Published: August 15, 2023

This short post provides an overview of adversarial defense techniques in image classification. It is intended as a brief summary for readers interested in robustness against adversarial attacks.

The included PDF summarizes five major categories:

Adversarial Training: Incorporating adversarial examples during training to improve robustness.
Gradient Masking / Regularization: Obscuring gradient information to hinder attack generation.
Detection-based Defenses: Identifying adversarial inputs before classification.
Transformation-based Defenses: Applying input transformations (e.g., denoising, compression) to remove perturbations.
Certified Defenses: Providing provable robustness guarantees against bounded perturbations.

📄 Download slides overviewing adversarial defenses here.

Bluesky Facebook LinkedIn X (formerly Twitter)

Xiaoyu Joy Liang

Visitor map

Overview of Adversarial Defenses on Image Classification

Note - Robust Yet Efficient Conformal Prediction Sets

Note - LAMD: Context-driven Android Malware Detection and Classification with LLMs

Adversarial Defenses on Graph: Heuristic and Certified