论文标题
机器节拍机器:机器学习模型以防御对抗攻击
Machine Beats Machine: Machine Learning Models to Defend Against Adversarial Attacks
论文作者
论文摘要
我们建议使用两层机器学习模型的部署,以防止对抗性攻击。第一层确定数据是否被篡改,而第二层解决了域特异性问题。我们探索三组功能和三个数据集变体来训练机器学习模型。我们的结果表明,聚类算法实现了有希望的结果。特别是,我们认为通过将DBSCAN算法应用于图像和白色参考图像之间计算的结构化结构相似性指数测量方法获得了最佳结果。
We propose using a two-layered deployment of machine learning models to prevent adversarial attacks. The first layer determines whether the data was tampered, while the second layer solves a domain-specific problem. We explore three sets of features and three dataset variations to train machine learning models. Our results show clustering algorithms achieved promising results. In particular, we consider the best results were obtained by applying the DBSCAN algorithm to the structured structural similarity index measure computed between the images and a white reference image.
