Evaluating Deep Learning for Image Classification in Adversarial Environment
Summary :
Due to the superior performance, deep learning has been widely applied to various applications, including image classification, bioinformatics, and cybersecurity. Nevertheless, the research investigations on deep learning in the adversarial environment are still on their preliminary stage. The emerging adversarial learning methods, e.g., generative adversarial networks, have introduced two vital questions: to what degree the security of deep learning with the presence of adversarial examples is; how to evaluate the performance of deep learning models in adversarial environment, thus, to raise security advice such that the selected application system based on deep learning is resistant to adversarial examples. To see the answers, we leverage image classification as an example application scenario to propose a framework of Evaluating Deep Learning for Image Classification (EDLIC) to conduct comprehensively quantitative analysis. Moreover, we introduce a set of evaluating metrics to measure the performance of different attacking and defensive techniques. After that, we conduct extensive experiments towards the performance of deep learning for image classification under different adversarial environments to validate the scalability of EDLIC. Finally, we give some advice about the selection of deep learning models for image classification based on these comparative results.
- Publication
- IEICE TRANSACTIONS on Information Vol.E103-D No.4 pp.825-837
- Publication Date
- 2020/04/01
- Publicized
- 2019/12/23
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.2019EDP7188
- Type of Manuscript
- PAPER
- Category
- Artificial Intelligence, Data Mining
Authors
Ye PENG
National University of Defense Technology
Wentao ZHAO
National University of Defense Technology
Wei CAI
The Chinese University of Hong Kong
Jinshu SU
National University of Defense Technology
Biao HAN
National University of Defense Technology
Qiang LIU
National University of Defense Technology
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Ye PENG, Wentao ZHAO, Wei CAI, Jinshu SU, Biao HAN, Qiang LIU, "Evaluating Deep Learning for Image Classification in Adversarial Environment" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 4, pp. 825-837, April 2020, doi: 10.1587/transinf.2019EDP7188.
Abstract: Due to the superior performance, deep learning has been widely applied to various applications, including image classification, bioinformatics, and cybersecurity. Nevertheless, the research investigations on deep learning in the adversarial environment are still on their preliminary stage. The emerging adversarial learning methods, e.g., generative adversarial networks, have introduced two vital questions: to what degree the security of deep learning with the presence of adversarial examples is; how to evaluate the performance of deep learning models in adversarial environment, thus, to raise security advice such that the selected application system based on deep learning is resistant to adversarial examples. To see the answers, we leverage image classification as an example application scenario to propose a framework of Evaluating Deep Learning for Image Classification (EDLIC) to conduct comprehensively quantitative analysis. Moreover, we introduce a set of evaluating metrics to measure the performance of different attacking and defensive techniques. After that, we conduct extensive experiments towards the performance of deep learning for image classification under different adversarial environments to validate the scalability of EDLIC. Finally, we give some advice about the selection of deep learning models for image classification based on these comparative results.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019EDP7188/_p
Copy
@ARTICLE{e103-d_4_825,
author={Ye PENG, Wentao ZHAO, Wei CAI, Jinshu SU, Biao HAN, Qiang LIU, },
journal={IEICE TRANSACTIONS on Information},
title={Evaluating Deep Learning for Image Classification in Adversarial Environment},
year={2020},
volume={E103-D},
number={4},
pages={825-837},
abstract={Due to the superior performance, deep learning has been widely applied to various applications, including image classification, bioinformatics, and cybersecurity. Nevertheless, the research investigations on deep learning in the adversarial environment are still on their preliminary stage. The emerging adversarial learning methods, e.g., generative adversarial networks, have introduced two vital questions: to what degree the security of deep learning with the presence of adversarial examples is; how to evaluate the performance of deep learning models in adversarial environment, thus, to raise security advice such that the selected application system based on deep learning is resistant to adversarial examples. To see the answers, we leverage image classification as an example application scenario to propose a framework of Evaluating Deep Learning for Image Classification (EDLIC) to conduct comprehensively quantitative analysis. Moreover, we introduce a set of evaluating metrics to measure the performance of different attacking and defensive techniques. After that, we conduct extensive experiments towards the performance of deep learning for image classification under different adversarial environments to validate the scalability of EDLIC. Finally, we give some advice about the selection of deep learning models for image classification based on these comparative results.},
keywords={},
doi={10.1587/transinf.2019EDP7188},
ISSN={1745-1361},
month={April},}
Copy
TY - JOUR
TI - Evaluating Deep Learning for Image Classification in Adversarial Environment
T2 - IEICE TRANSACTIONS on Information
SP - 825
EP - 837
AU - Ye PENG
AU - Wentao ZHAO
AU - Wei CAI
AU - Jinshu SU
AU - Biao HAN
AU - Qiang LIU
PY - 2020
DO - 10.1587/transinf.2019EDP7188
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 4
JA - IEICE TRANSACTIONS on Information
Y1 - April 2020
AB - Due to the superior performance, deep learning has been widely applied to various applications, including image classification, bioinformatics, and cybersecurity. Nevertheless, the research investigations on deep learning in the adversarial environment are still on their preliminary stage. The emerging adversarial learning methods, e.g., generative adversarial networks, have introduced two vital questions: to what degree the security of deep learning with the presence of adversarial examples is; how to evaluate the performance of deep learning models in adversarial environment, thus, to raise security advice such that the selected application system based on deep learning is resistant to adversarial examples. To see the answers, we leverage image classification as an example application scenario to propose a framework of Evaluating Deep Learning for Image Classification (EDLIC) to conduct comprehensively quantitative analysis. Moreover, we introduce a set of evaluating metrics to measure the performance of different attacking and defensive techniques. After that, we conduct extensive experiments towards the performance of deep learning for image classification under different adversarial environments to validate the scalability of EDLIC. Finally, we give some advice about the selection of deep learning models for image classification based on these comparative results.
ER -
English
