APE-GAN: Adversarial Perturbation Elimination with GAN
This addresses the critical issue of adversarial robustness in image recognition, offering a defense mechanism that is incremental as it builds on existing GAN methods.
The paper tackles the problem of defending neural networks against adversarial examples by proposing APE-GAN, a framework based on Generative Adversarial Nets, which effectively resists adversarial examples from five attacks on benchmark datasets like MNIST, CIFAR10, and ImageNet.
Although neural networks could achieve state-of-the-art performance while recongnizing images, they often suffer a tremendous defeat from adversarial examples--inputs generated by utilizing imperceptible but intentional perturbation to clean samples from the datasets. How to defense against adversarial examples is an important problem which is well worth researching. So far, very few methods have provided a significant defense to adversarial examples. In this paper, a novel idea is proposed and an effective framework based Generative Adversarial Nets named APE-GAN is implemented to defense against the adversarial examples. The experimental results on three benchmark datasets including MNIST, CIFAR10 and ImageNet indicate that APE-GAN is effective to resist adversarial examples generated from five attacks.