keyboard_arrow_up
3D Convolution for Proactive Défense Against Localized Adversary Attacks

Authors

Henok Ghebrechristos and Gita Alaghband, University of Colorado-Denver, Denver, Colorado

Abstract

This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks (CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations. When combined with 3D convolution and deep curriculum learning optimization (CLO), it significantly improves the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10 and CIFAR-100)and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing accuracy improvements over previous techniques. The results indicate that the combination of the volumetric input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating adversary training

Keywords

Convolutional Neural Network, Adversary Attack, Deep Learning, Volumization, Adversary Defense, Curriculum Learning

Full Text  Volume 13, Number 24