Authors
Tolulope A Odetola, Adewale Adeyemo, Syed Rafay Hasan
Publication date
2022/6/27
Conference
2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
Pages
141-144
Publisher
IEEE
Description
Recent research has shown that Convolution Neural Networks (CNNs) are vulnerable to adversarial examples. Many defense techniques like gradient masking, etc., have been proposed against adversarial attacks. However, these techniques are limited to training methods and do not offer generalizability. Similarly, in a Horizontal Collaborative Environment (HCE) where trained CNN models are partitioned into different layers, models deployed are also subjected to attacks by adversarial inputs. In this work, we develop a defense strategy to harden CNNs in an HCE against adversarial examples through the detection of adversarial inputs. We propose the notion that by obtaining model prediction at different layers of the CNN and noting the prediction inconsistency, an adversarial noise could be detected. In this work, adversarial noises are generated using the Fast Gradient Sign Method (FGSM), Salt and Pepper (S …
Scholar articles
TA Odetola, A Adeyemo, SR Hasan - 2022 IEEE International Symposium on Hardware …, 2022