On the Interplay of Convolutional Padding and Adversarial Robustness
This addresses a specific vulnerability in CNN security for computer vision applications, though it appears to be an incremental analysis of existing padding techniques.
The paper investigates how different convolutional padding methods affect adversarial robustness in CNNs, finding that adversarial attacks often create perturbation anomalies at image boundaries where padding is applied.
It is common practice to apply padding prior to convolution operations to preserve the resolution of feature-maps in Convolutional Neural Networks (CNN). While many alternatives exist, this is often achieved by adding a border of zeros around the inputs. In this work, we show that adversarial attacks often result in perturbation anomalies at the image boundaries, which are the areas where padding is used. Consequently, we aim to provide an analysis of the interplay between padding and adversarial attacks and seek an answer to the question of how different padding modes (or their absence) affect adversarial robustness in various scenarios.