ML Anthology

Defending Adversaries Using Unsupervised Feature Clustering VAE

Cheng Zhang, Pan Gao
ICMLW 2021
/icmlw/2021/zhang2021icmlw-defending/

Abstract

We propose a modified VAE (variational autoencoder) as a denoiser to remove adversarial perturbations for image classification. Vanilla VAE's purpose is to make latent variables approximating normal distribution, which reduces the latent inter-class distance of data points. Our proposed VAE modifies this problem by adding a latent variable cluster. So the VAE can guarantee inter-class distance of latent variables and learn class-wised features. Our Feature Clustering VAE performs better on removing perturbations and reconstructing the image to defend adversarial attacks.

PDF ICMLW OpenReview Semantic Scholar

Cite

Text

Zhang and Gao. "Defending Adversaries Using  Unsupervised Feature Clustering VAE." ICML 2021 Workshops: AML, 2021.

Markdown

[Zhang and Gao. "Defending Adversaries Using  Unsupervised Feature Clustering VAE." ICML 2021 Workshops: AML, 2021.](https://mlanthology.org/icmlw/2021/zhang2021icmlw-defending/)

BibTeX

@inproceedings{zhang2021icmlw-defending,
  title     = {{Defending Adversaries Using  Unsupervised Feature Clustering VAE}},
  author    = {Zhang, Cheng and Gao, Pan},
  booktitle = {ICML 2021 Workshops: AML},
  year      = {2021},
  url       = {https://mlanthology.org/icmlw/2021/zhang2021icmlw-defending/}
}