Image classification has undergone a revolution in recent years due to the high performance of new deep learning models. However, severe security issues may impact the performance of these systems. In particular, adversarial attacks are based on modifying input images in a way that is imperceptible for human vision, so that deep learning image classifiers are deceived. This work proposes a new deep neural network
model composed of an encoder and a Generative Adversarial Network (GAN). The former encodes a possibly malformed input image into a latent vector, while the latter generates a reconstructed image from the
latent vector. Then the reconstructed image can be reliably classified because our model removes the deleterious effects of the attack. The experiments carried out were designed to test the proposed approach
against the Fast Gradient Signed Method attack. The obtained results demonstrate the suitability of our approach in terms of an excellent balance between classification accuracy and computational cost.
Buscar en Dimension