CR, LG | May 30, 2017

Feature Squeezing Mitigates and Detects Carlini/Wagner Adversarial Examples

arXiv:1705.10686v1 | 47 citations
Originality: Incremental advance
AI Analysis

This paper addresses security vulnerabilities in deep learning models for applications like image recognition, but it is incremental because it builds on prior work on feature squeezing.

The paper tackles the problem of adversarial examples in deep learning by applying feature squeezing techniques, showing that these methods significantly enhance model robustness against the Carlini/Wagner attacks, with results indicating effectiveness against state-of-the-art adversarial methods.

Feature squeezing is a recently-introduced framework for mitigating and detecting adversarial examples. In previous work, we showed that it is effective against several earlier methods for generating adversarial examples. In this short note, we report on recent results showing that simple feature squeezing techniques also make deep learning models significantly more robust against the Carlini/Wagner attacks, which are the best known adversarial methods discovered to date.

Code Implementations: 1 repo