Fighting fire with fire: A spatial-frequency ensemble relation network with generative adversarial learning for adversarial image classification

doi:10.1002/int.22372

CORC > 自动化研究所 > 中国科学院自动化研究所 > 复杂系统管理与控制国家重点实验室 > 先进控制与自动化团队

	Fighting fire with fire: A spatial-frequency ensemble relation network with generative adversarial learning for adversarial image classification
	Zheng, Wenbo 1,4; Yan, Lan 1,2; Gou, Chao 3; Wang, Fei-Yue 1
刊名	INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS
	2021-01-26
页码	41
关键词	adversarial examples ensemble learning generative adversarial learning image classification meta-learning
ISSN号	0884-8173
DOI	10.1002/int.22372
通讯作者	Wang, Fei-Yue(feiyue.wang@ia.ac.cn)
英文摘要	Adversarial images generated by generative adversarial networks are not close to any existing benign images, and contain nonrobust features that have been identified as critical to the robustness of a machine learning model. Since adversarial images have an underlying distribution that differs from normal images, these kinds of images can offer valuable features for training a robust model. To deal with these special features, we focus on a novel machine learning task of adversarial images classification, where adversarial images can be used to investigate the problem of classifying adversarial images themselves. In the setting of this novel task, adversarial images are the ONLY kind of data used in training and testing, rather than not just a set of testing images as usual. To this end, we propose a novel spatial-frequency ensemble relation network with generative adversarial learning. First, we present a spatial-frequency ensemble representation learning to extract the feature of training images. Second, we design a meta-learning-based relation model to gain the relationship between images. Third, to achieve a robust model, we utilize generative adversarial learning and transform the relationship into a Jacobian matrix. Finally, we design a discriminator model that determines whether an adversarial image is from the matching category or not. Experimental results demonstrate that our approach achieves significantly higher performance compared with other state-of-the-arts.
资助项目	National Key R&D Program of China[2018AAA0101502] ; National Key R&D Program of China[2020YFB1600400] ; Key Research and Development Program of Guangzhou[202007050002] ; National Natural Science Foundation of China[61806198] ; National Natural Science Foundation of China[61533019] ; National Natural Science Foundation of China[U1811463]
WOS研究方向	Computer Science
语种	英语
出版者	WILEY
WOS记录号	WOS:000611667200001
资助机构	National Key R&D Program of China ; Key Research and Development Program of Guangzhou ; National Natural Science Foundation of China
内容类型	期刊论文
源URL	[http://ir.ia.ac.cn/handle/173211/42912]
专题	自动化研究所_复杂系统管理与控制国家重点实验室_先进控制与自动化团队
通讯作者	Wang, Fei-Yue
作者单位	1.Chinese Acad Sci, Inst Automat, State Key Lab Management & Control Complex Syst, Beijing 100190, Peoples R China 2.Univ Chinese Acad Sci, Sch Artificial Intelligence, Beijing, Peoples R China 3.Sun Yat Sen Univ, Sch Intelligent Syst Engn, Guangzhou, Peoples R China 4.Xi An Jiao Tong Univ, Sch Software Engn, Xian, Peoples R China
推荐引用方式 GB/T 7714	Zheng, Wenbo,Yan, Lan,Gou, Chao,et al. Fighting fire with fire: A spatial-frequency ensemble relation network with generative adversarial learning for adversarial image classification[J]. INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS,2021:41.
APA	Zheng, Wenbo,Yan, Lan,Gou, Chao,&Wang, Fei-Yue.(2021).Fighting fire with fire: A spatial-frequency ensemble relation network with generative adversarial learning for adversarial image classification.INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS,41.
MLA	Zheng, Wenbo,et al."Fighting fire with fire: A spatial-frequency ensemble relation network with generative adversarial learning for adversarial image classification".INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS (2021):41.