Code-Bridged Classifier (CBC): A Low or Negative Overhead Defense for Making a CNN Classifier Robust Against Adversarial Attacks

Farnaz Behnia1, ali mirzaeian1, Mohmmad Sabokrou2, Sai Manoj1, Tinoosh Mohsenin3, Khaled Khasawneh1, Liang Zhao1, Houman Homayoun4, Avesta Sasan1
1George Mason University, 2self, 3University of Maryland Baltimore County, 4University of California Davis


Abstract

In this paper, we propose Code-Bridged Classifier (CBC), a framework for making a Convolutional Neural Network (CNNs) robust against adversarial attacks without increasing or even by decreasing the overall models’ computational complexity. More specifically, we propose a stacked encoder-convolutional model, in which the input image is first encoded by the encoder module of a denoising auto-encoder, and then the resulting latent representation (without being decoded) is fed to a reduced complexity CNN for image classification. We illustrate that this network not only is more robust to adversarial examples but also has a significantly lower computational complexity when compared to the prior art defenses.