Adversarial examples in which imperceptible perturbations to the input can easily subvert a well-trained model’s prediction pose huge potential security threats deep neural networks (DNNs). As an effective way resist adversarial samples, reconstruction eliminate antagonism of inference process without involving modifications target structure and parameters. However, preprocessing inputs often results some loss protected accuracy. In this paper, we introduce new method that adopts high-level representation difference constraint relative on dual autoencoder advance accuracy model. The utilizes gap between representations, activated by clean images, their guide training autoencoder. Additionally, is imposed latent representations noisy versions robustness tiny perturbations. extensive empirical experiments two real datasets, CIFAR-10 ImageNet, show presented approach demonstrates exceptional performance resisting different types attacks.

Load

Load