CV · LG · Feb 28, 2020

Applying Tensor Decomposition to image for Robustness against Adversarial Attack

arXiv:2002.12913v21 citations
AI Analysis

This paper addresses the problem of adversarial robustness for deep learning models in computer vision, offering an incremental improvement by adapting an existing compression technique.

The paper tackles the vulnerability of deep learning models to adversarial attacks by applying tensor decomposition as a defense mechanism, demonstrating robustness against state-of-the-art attacks on MNIST, CIFAR10, and ImageNet datasets with minimal degradation in clean data performance.

Deep learning technology is growing fast and shows dramatic performance in computer vision. However, it turns out that a deep learning based model is highly vulnerable to small perturbations called adversarial attacks. An attacker can easily fool the deep learning model by adding small perturbations. On the other hand, tensor decomposition methods are widely used for compressing tensor data, including data matrices, images, etc. In this paper, we suggest applying tensor decomposition to defend the model against adversarial examples. We verify that this idea is simple and effective at resisting adversarial attacks. In addition, this method rarely degrades the original performance on clean data. We experiment on MNIST, CIFAR10 and ImageNet data and show that our method is robust against state-of-the-art attack methods.
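The idea in the abstract, reconstructing an input from a low-rank decomposition before it reaches the classifier, can be sketched as follows; this is an added example, not code from the paper or its authors. The page does not say which decomposition the paper uses, so truncated SVD on a single grayscale matrix is assumed here as the simplest case, all function names are hypothetical, and the perturbation is a constructed pseudo-random one rather than the output of an attack.

```python
import math, random

def matvec(A, x):
    return [sum(a * b for a, b in zip(row, x)) for row in A]

def fro(A):
    return math.sqrt(sum(v * v for row in A for v in row))

def diff(A, B):
    return [[a - b for a, b in zip(ra, rb)] for ra, rb in zip(A, B)]

def low_rank_reconstruct(A, rank, iters=200):
    """Rank-`rank` approximation of matrix A (truncated SVD computed by
    power iteration with deflation); assumed stand-in for the paper's method."""
    m, n = len(A), len(A[0])
    R = [row[:] for row in A]                 # residual still to be explained
    out = [[0.0] * n for _ in range(m)]
    rng = random.Random(0)
    for _ in range(rank):
        Rt = [list(c) for c in zip(*R)]
        v = [rng.gauss(0, 1) for _ in range(n)]
        for _ in range(iters):                # v converges to the top right singular vector
            v = matvec(Rt, matvec(R, v))
            nv = math.sqrt(sum(x * x for x in v))
            if nv == 0:                       # residual is exactly zero: nothing left
                break
            v = [x / nv for x in v]
        u = matvec(R, v)                      # sigma times the left singular vector
        for i in range(m):
            for j in range(n):
                out[i][j] += u[i] * v[j]
                R[i][j] -= u[i] * v[j]
    return out

def demo(size=16, eps=0.03, rank=2):
    # Constructed sample: smooth rank-2 "image" with pixel values in [0.2, 0.8].
    clean = [[0.5 + 0.3 * math.sin(2 * math.pi * i / size) * math.cos(2 * math.pi * j / size)
              for j in range(size)] for i in range(size)]
    rng = random.Random(1)
    # Constructed bounded pseudo-random perturbation, not the output of any attack.
    noisy = [[p + rng.uniform(-eps, eps) for p in row] for row in clean]
    clean_err = fro(diff(low_rank_reconstruct(clean, rank), clean))
    before = fro(diff(noisy, clean))
    after = fro(diff(low_rank_reconstruct(noisy, rank), clean))
    return clean_err, before, after

if __name__ == "__main__":
    print("clean error %.2e, perturbation before %.3f, after %.3f" % demo())
```

The reconstruction leaves the clean sample essentially unchanged while removing the part of the perturbation that lies outside the retained low-rank subspace; how much of a real adversarial perturbation survives depends on the attack and the chosen rank.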
