Adversarial Examples represent a serious problem affecting the security of machine learning systems. In this paper we focus on defense mechanism based reconstructing images before classification using an autoencoder. We experiment several types autoencoders and evaluate impact strategies such as injecting noise in input during training latent space at inference time.We tested models adversarial examples generated with Carlini-Wagner attack, white-box scenario stacked system composed by autoencoder classifier.

Load

Load