File(s) not publicly available
Dynamic Hypersphere Embedding Scale Against Adversarial Attacks
journal contribution
posted on 2023-02-14, 04:34 authored by M Hassanin, N Moustafa, Imran Razzak, M Tanveer, D Ormrod, J Slay

Learning robust features against adversarial attacks is a challenging task that requires highly complex models, especially on aerial images, because they are subject to environmental and adversarial changes. Embedding hypersphere normalization, along with adversarial settings, causes performance degradation and allows features to overlap. To address this, in this article, we propose a dynamic hypersphere embedding scale (DHS) method that remaps the normalized features to a relative scale to learn robust features. The proposed method combines the benefits of hypersphere embedding without sacrificing softmax advantages. The DHS aggregates the normalized features and the non-normalized ones. It uses a hypersphere embedding to enforce a maximum margin on the features that yield shorter magnitude and utilizes a dynamic scale to avoid feature overlap in the case of adversarial attacks. We validate the DHS's effectiveness by embedding adversarial training attacks such as Projected Gradient Descent (PGD), CW, and DeepFool. Empirical experiments revealed that the DHS improves the model performance by 12% when using the PGD attack, with less computation than legacy hypersphere models. Another set of experiments showed that the DHS does not obfuscate the gradient.
Journal: IEEE Transactions on Engineering Management
Volume: PP
ISSN: 0018-9391
eISSN: 1558-0040
Language: English
Publication classification: C1.1 Refereed article in a scholarly journal
Issue: 99
Publisher: IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Keywords: Adversarial attacks; adversarial defenses; Behavioral sciences; Business; Business & Economics; Computational modeling; deep learning; Deep learning; Degradation; Engineering; Engineering, Industrial; Integrated circuit modeling; Management; max-margin learning; Robustness; Science & Technology; Social Sciences; Technology; Training; Information and Computing Sciences; Commerce, Management, Tourism and Services