Defending Adversarial Examples by Negative Correlation Ensemble

Wenjian Luo; Hongwei Zhang; Linghao Kong; Zhijian Chen; Ke Tang

doi:10.1007/978-981-19-8991-9_30

Defending Adversarial Examples by Negative Correlation Ensemble

Wenjian Luo^*
, Hongwei Zhang
, Linghao Kong
, Zhijian Chen
, Ke Tang

^*Corresponding author for this work

School of Computer Science and Technology, Harbin Institute of Technology
Southern University of Science and Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

The security issues in DNNs, such as adversarial examples, have attracted much attention. Adversarial examples refer to the examples which are capable to induce the DNNs return incorrect predictions by introducing carefully designed perturbations. Obviously, adversarial examples bring great security risks to the real-world applications of deep learning. Recently, some defence approaches against adversarial examples have been proposed. However, the performance of these approaches are still limited. In this paper, we propose a new ensemble defence approach named the Negative Correlation Ensemble (NCEn), which achieves competitive results by making each member of the ensemble negatively correlated in gradient direction and gradient magnitude. NCEn can reduce the transferability of the adversarial samples among the members in ensemble. Extensive experiments have been conducted, and the results demonstrate that NCEn could improve the adversarial robustness of ensembles effectively.

Original language	English
Title of host publication	Data Mining and Big Data - 7th International Conference, DMBD 2022, Proceedings
Editors	Ying Tan, Yuhui Shi
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	424-438
Number of pages	15
ISBN (Print)	9789811989902
DOIs	https://doi.org/10.1007/978-981-19-8991-9_30
State	Published - 2022
Externally published	Yes
Event	7th International Conference on Data Mining and Big Data, DMBD 2022 - Beijing, China Duration: 21 Nov 2022 → 24 Nov 2022

Publication series

Name	Communications in Computer and Information Science
Volume	1745 CCIS
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	7th International Conference on Data Mining and Big Data, DMBD 2022
Country/Territory	China
City	Beijing
Period	21/11/22 → 24/11/22

Keywords

Adversarial examples
Deep learning
Ensemble
Negative correlation

Access to Document

10.1007/978-981-19-8991-9_30

Cite this

Luo, W., Zhang, H., Kong, L., Chen, Z., & Tang, K. (2022). Defending Adversarial Examples by Negative Correlation Ensemble. In Y. Tan, & Y. Shi (Eds.), Data Mining and Big Data - 7th International Conference, DMBD 2022, Proceedings (pp. 424-438). (Communications in Computer and Information Science; Vol. 1745 CCIS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-19-8991-9_30

@inproceedings{faee9052c3a94e05a4187a8d1e0a2697,

title = "Defending Adversarial Examples by Negative Correlation Ensemble",

abstract = "The security issues in DNNs, such as adversarial examples, have attracted much attention. Adversarial examples refer to the examples which are capable to induce the DNNs return incorrect predictions by introducing carefully designed perturbations. Obviously, adversarial examples bring great security risks to the real-world applications of deep learning. Recently, some defence approaches against adversarial examples have been proposed. However, the performance of these approaches are still limited. In this paper, we propose a new ensemble defence approach named the Negative Correlation Ensemble (NCEn), which achieves competitive results by making each member of the ensemble negatively correlated in gradient direction and gradient magnitude. NCEn can reduce the transferability of the adversarial samples among the members in ensemble. Extensive experiments have been conducted, and the results demonstrate that NCEn could improve the adversarial robustness of ensembles effectively.",

keywords = "Adversarial examples, Deep learning, Ensemble, Negative correlation",

author = "Wenjian Luo and Hongwei Zhang and Linghao Kong and Zhijian Chen and Ke Tang",

note = "Publisher Copyright: {\textcopyright} 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.; 7th International Conference on Data Mining and Big Data, DMBD 2022 ; Conference date: 21-11-2022 Through 24-11-2022",

year = "2022",

doi = "10.1007/978-981-19-8991-9\_30",

language = "英语",

isbn = "9789811989902",

series = "Communications in Computer and Information Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "424--438",

editor = "Ying Tan and Yuhui Shi",

booktitle = "Data Mining and Big Data - 7th International Conference, DMBD 2022, Proceedings",

address = "德国",

}

Luo, W, Zhang, H, Kong, L, Chen, Z & Tang, K 2022, Defending Adversarial Examples by Negative Correlation Ensemble. in Y Tan & Y Shi (eds), Data Mining and Big Data - 7th International Conference, DMBD 2022, Proceedings. Communications in Computer and Information Science, vol. 1745 CCIS, Springer Science and Business Media Deutschland GmbH, pp. 424-438, 7th International Conference on Data Mining and Big Data, DMBD 2022, Beijing, China, 21/11/22. https://doi.org/10.1007/978-981-19-8991-9_30

Defending Adversarial Examples by Negative Correlation Ensemble. / Luo, Wenjian; Zhang, Hongwei; Kong, Linghao et al.
Data Mining and Big Data - 7th International Conference, DMBD 2022, Proceedings. ed. / Ying Tan; Yuhui Shi. Springer Science and Business Media Deutschland GmbH, 2022. p. 424-438 (Communications in Computer and Information Science; Vol. 1745 CCIS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Defending Adversarial Examples by Negative Correlation Ensemble

AU - Luo, Wenjian

AU - Zhang, Hongwei

AU - Kong, Linghao

AU - Chen, Zhijian

AU - Tang, Ke

PY - 2022

Y1 - 2022

N2 - The security issues in DNNs, such as adversarial examples, have attracted much attention. Adversarial examples refer to the examples which are capable to induce the DNNs return incorrect predictions by introducing carefully designed perturbations. Obviously, adversarial examples bring great security risks to the real-world applications of deep learning. Recently, some defence approaches against adversarial examples have been proposed. However, the performance of these approaches are still limited. In this paper, we propose a new ensemble defence approach named the Negative Correlation Ensemble (NCEn), which achieves competitive results by making each member of the ensemble negatively correlated in gradient direction and gradient magnitude. NCEn can reduce the transferability of the adversarial samples among the members in ensemble. Extensive experiments have been conducted, and the results demonstrate that NCEn could improve the adversarial robustness of ensembles effectively.

AB - The security issues in DNNs, such as adversarial examples, have attracted much attention. Adversarial examples refer to the examples which are capable to induce the DNNs return incorrect predictions by introducing carefully designed perturbations. Obviously, adversarial examples bring great security risks to the real-world applications of deep learning. Recently, some defence approaches against adversarial examples have been proposed. However, the performance of these approaches are still limited. In this paper, we propose a new ensemble defence approach named the Negative Correlation Ensemble (NCEn), which achieves competitive results by making each member of the ensemble negatively correlated in gradient direction and gradient magnitude. NCEn can reduce the transferability of the adversarial samples among the members in ensemble. Extensive experiments have been conducted, and the results demonstrate that NCEn could improve the adversarial robustness of ensembles effectively.

KW - Adversarial examples

KW - Deep learning

KW - Ensemble

KW - Negative correlation

UR - https://www.scopus.com/pages/publications/85148684391

U2 - 10.1007/978-981-19-8991-9_30

DO - 10.1007/978-981-19-8991-9_30

M3 - 会议稿件

AN - SCOPUS:85148684391

SN - 9789811989902

T3 - Communications in Computer and Information Science

SP - 424

EP - 438

BT - Data Mining and Big Data - 7th International Conference, DMBD 2022, Proceedings

A2 - Tan, Ying

A2 - Shi, Yuhui

PB - Springer Science and Business Media Deutschland GmbH

T2 - 7th International Conference on Data Mining and Big Data, DMBD 2022

Y2 - 21 November 2022 through 24 November 2022

ER -

Luo W, Zhang H, Kong L, Chen Z, Tang K. Defending Adversarial Examples by Negative Correlation Ensemble. In Tan Y, Shi Y, editors, Data Mining and Big Data - 7th International Conference, DMBD 2022, Proceedings. Springer Science and Business Media Deutschland GmbH. 2022. p. 424-438. (Communications in Computer and Information Science). doi: 10.1007/978-981-19-8991-9_30