Abstract
Despite their many successful applications, Deep Neural Networks (DNNs) are vulnerable to intentionally designed adversarial examples. Adversarial robustness describes the ability of a machine learning model, e.g., a neural network, to defend against such adversarial attacks. In coding theory, codebooks are designed to minimize the impact of errors occurring with transmission through a noisy channel. Motivated by the similarities between passing a codeword through a noisy channel and defending against adversarial attacks, Error-Correcting Output Codes (ECOCs) are used to achieve state-of-the-art adversarial robustness. Research on codebook designs and the association of codewords to classification labels (assignment) is still at the very early stages, with great room for improvement. In this work, we present novel codebook design and assignment procedures in two stages due to the complexity (NP-hardness) of the underlying problem. A rule-based heuristic codebook design method is proposed in the first stage and an optimization problem to assign the codewords to labels is proposed in the second stage. Since this optimization is NP-hard, a greedy algorithm is proposed to provide a sub-optimal solution. We demonstrate the effectiveness of our framework on three benchmark datasets, under different types of adversarial attacks. The experimental results show that our error-correcting output code framework can effectively improve the adversarial robustness of machine learning models, with up to a 10% increase in accuracy.
Original language | English |
---|---|
Title of host publication | ICC 2022 - IEEE International Conference on Communications |
Editors | Ekram Hossain |
Place of Publication | Piscataway NJ USA |
Publisher | IEEE, Institute of Electrical and Electronics Engineers |
Pages | 2345-2350 |
Number of pages | 6 |
ISBN (Electronic) | 9781538683477 |
ISBN (Print) | 9781538683484 |
Publication status | Published - 2022 |
Event | IEEE International Conference on Communications 2022 - Seoul, Korea, South. Duration: 16 May 2022 → 20 May 2022. https://ieeexplore.ieee.org/xpl/conhome/9837954/proceeding (Proceedings), https://icc2022.ieee-icc.org/ (Website) |
Publication series
Name | IEEE International Conference on Communications |
---|---|
Publisher | IEEE, Institute of Electrical and Electronics Engineers |
Volume | 2022-May |
ISSN (Print) | 1550-3607 |
ISSN (Electronic) | 1938-1883 |
Conference
Conference | IEEE International Conference on Communications 2022 |
---|---|
Abbreviated title | ICC 2022 |
Country/Territory | Korea, South |
City | Seoul |
Period | 16/05/22 → 20/05/22 |
Keywords
- adversarial robustness
- coding theory
- Error-correcting output code
- machine learning
Prizes
- ICC 2022, Best paper award, Selected areas in Communications
  Viterbo, Emanuele (Recipient), May 2022
  Prize: Prize (including medals and awards)