ASQ-FastBM3D: an adaptive denoising framework for defending adversarial attacks in machine learning enabled systems

Guangquan Xu, Zhengbo Han, Lixiao Gong, Litao Jiao, Hongpeng Bai, Shaoying Liu, Xi Zheng

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)

Abstract

Machine learning has made significant progress in image recognition, natural language processing, and autonomous driving. However, the generation of adversarial examples has proved that the machine learning system is unreliable. By adding imperceptible perturbations to clean images can fool the well-trained machine learning systems. To solve this problem, we propose an adaptive image denoising framework Adaptive Scalar Quantization (ASQ-FastBM3D). The ASQ-FastBM3D framework combines the ASQ method with the FastBM3D algorithm. The adaptive scalar quantization is the improvement of scalar quantization, which is used to eliminate most of the perturbations. FastBM3D is proposed to improve the quality of the quantified image. The running time of FastBM3D is 50% less than that of BM3D. Compared with some traditional filter methods and some state-of-the-art neural network methods for recovering the adversarial examples, the accuracy rate of our ASQ-FastBM3D method is 99.73% and the F1 score is 98.01%, which is the highest.

Original languageEnglish
Pages (from-to)317-328
Number of pages12
JournalIEEE Transactions on Reliability
Volume72
Issue number1
Early online date20 May 2022
DOIs
Publication statusPublished - Mar 2023

Fingerprint

Dive into the research topics of 'ASQ-FastBM3D: an adaptive denoising framework for defending adversarial attacks in machine learning enabled systems'. Together they form a unique fingerprint.

Cite this