Defending Adversarial Examples by Negative Correlation Ensemble

Luo，Wenjian1; Zhang，Hongwei1; Kong，Linghao1; Chen，Zhijian1; Tang，Ke2

10.1007/978-981-19-8991-9_30

2022

1865-0929

1865-0937

Communications in Computer and Information Science

1745 CCIS

424-438

The security issues in DNNs, such as adversarial examples, have attracted much attention. Adversarial examples refer to the examples which are capable to induce the DNNs return incorrect predictions by introducing carefully designed perturbations. Obviously, adversarial examples bring great security risks to the real-world applications of deep learning. Recently, some defence approaches against adversarial examples have been proposed. However, the performance of these approaches are still limited. In this paper, we propose a new ensemble defence approach named the Negative Correlation Ensemble (NCEn), which achieves competitive results by making each member of the ensemble negatively correlated in gradient direction and gradient magnitude. NCEn can reduce the transferability of the adversarial samples among the members in ensemble. Extensive experiments have been conducted, and the results demonstrate that NCEn could improve the adversarial robustness of ensembles effectively.

Adversarial examples Deep learning Ensemble Negative correlation

Others

English

2-s2.0-85148684391

Scopus

1.School of Computer Science and Technology,Harbin Institute of Technology,Shenzhen,Guangdong,518055,China
2.Guangdong Provincial Key Laboratory of Brain-inspired Intelligent Computation,School of Computer Science and Engineering,Southern University of Science and Technology,Shenzhen,Guangdong,518055,China

Luo，Wenjian,Zhang，Hongwei,Kong，Linghao,et al. Defending Adversarial Examples by Negative Correlation Ensemble[C],2022:424-438.