Multi-label Adversarial Defense Scheme Based on Negative Correlation Ensemble

  • Conference paper
Advances in Swarm Intelligence (ICSI 2023)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13969)

Abstract

Adversarial examples have become an important issue in the field of deep learning security. There have been many studies on adversarial example attack and defense algorithms for single-label classification models. However, in the real world, multi-label classification models are also widely used. There are only a few studies on adversarial example attack and defense algorithms for multi-label classification models. In this paper, we propose a negative correlation ensemble defense scheme against multi-label adversarial examples (ML-NCEn). The fundamental principle of ML-NCEn is to make the gradient directions and magnitudes of member models negatively correlated with those of other members, respectively, in the positive and negative label sets. Experimental results show that ML-NCEn has good adversarial robustness.

This study is supported by the National Key R&D Program of China (Grant No. 2022YFB3102100), Shenzhen Fundamental Research Program (Grant No. JCYJ20220818102414030), the Major Key Project of PCL (Grant No. PCL2022A03, PCL2021A02, PCL2021A09), and Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies (Grant No. 2022B1212010005).

Author information

Corresponding author

Correspondence to Wenjian Luo.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Zhang, H., Luo, W., Chen, Z., Zhou, Q. (2023). Multi-label Adversarial Defense Scheme Based on Negative Correlation Ensemble. In: Tan, Y., Shi, Y., Luo, W. (eds) Advances in Swarm Intelligence. ICSI 2023. Lecture Notes in Computer Science, vol 13969. Springer, Cham. https://doi.org/10.1007/978-3-031-36625-3_23

  • DOI: https://doi.org/10.1007/978-3-031-36625-3_23

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-36624-6

  • Online ISBN: 978-3-031-36625-3

  • eBook Packages: Computer Science, Computer Science (R0)
