• Deep neural networks are vulnerable to small adversarial perturbations in data. We analyze defenses that exploit sparsity in natural data.
  • We show that sparsity-based defenses are provably effective for linear classifers, and then extend our approach to deep networks.
Students

Soorya Gopalakrishnan, Zhinus Marzi

Faculty

Upamanyu Madhow, Ramtin Pedarsani

Publications

S. Gopalakrishnan, Z. Marzi, M. Cekic, U. Madhow, R. Pedarsani, "Robust Adversarial Learning via Sparsifying Front Ends", arXiv:1810.10625.
S. Gopalakrishnan*, Z. Marzi*, U. Madhow, R. Pedarsani, "Combating Adversarial Attacks Using Sparse Representations", in International Conference on Learning Representations (ICLR) Workshop Track, Vancouver, Canada, April 2018.
Z. Marzi*, S. Gopalakrishnan*, U. Madhow, R. Pedarsani, "Sparsity-based Defense against Adversarial Attacks on Linear Classifiers", in IEEE International Symposium on Information Theory (ISIT), Vail, Colorado, June 2018.
Code

https://github.com/soorya19/sparsity-based-defenses