University of Twente Student Theses

Login

Evaluating Auxiliary Frequency-basis Augmentation under adversarial attacks

Kuiper, Daniël (2024) Evaluating Auxiliary Frequency-basis Augmentation under adversarial attacks.

[img] PDF
3MB
Abstract:In the realm of machine learning, ensuring the robustness of models against adversarial attacks is critical, particularly in applications such as healthcare, autonomous systems and security. This paper investigates the efficacy of Auxiliary Fourier-basis Augmentation (AFA) as a defense mechanism against adversarial perturbations in computer vision models. AFA introduces additive Fourier-basis noise to enhance model resilience, complementing traditional visual augmentation methods. We evaluate the performance of AFA across the CIFAR-10 dataset using a variety of adversarial attacks including Auto-PGD, FAB and the Square Attack under different $L_\infty$ norms. Experimental results demonstrate that AFA consistently enhances model robustness against adversarial attacks, mitigating accuracy degradation under adversarial attacks compared to models without AFA augmentation. We analyze perturbation patterns in the frequency domain to understand how AFA alters the perturbations, showing significant defense against low and high-frequency perturbations while highlighting vulnerabilities in the medium frequency ranges.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Link to this item:https://purl.utwente.nl/essays/101021
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page