University of Twente Student Theses
Evaluating Auxiliary Frequency-basis Augmentation under adversarial attacks
Kuiper, Daniël (2024) Evaluating Auxiliary Frequency-basis Augmentation under adversarial attacks.
PDF
3MB |
Abstract: | In the realm of machine learning, ensuring the robustness of models against adversarial attacks is critical, particularly in applications such as healthcare, autonomous systems and security. This paper investigates the efficacy of Auxiliary Fourier-basis Augmentation (AFA) as a defense mechanism against adversarial perturbations in computer vision models. AFA introduces additive Fourier-basis noise to enhance model resilience, complementing traditional visual augmentation methods. We evaluate the performance of AFA across the CIFAR-10 dataset using a variety of adversarial attacks including Auto-PGD, FAB and the Square Attack under different $L_\infty$ norms. Experimental results demonstrate that AFA consistently enhances model robustness against adversarial attacks, mitigating accuracy degradation under adversarial attacks compared to models without AFA augmentation. We analyze perturbation patterns in the frequency domain to understand how AFA alters the perturbations, showing significant defense against low and high-frequency perturbations while highlighting vulnerabilities in the medium frequency ranges. |
Item Type: | Essay (Bachelor) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science BSc (56964) |
Link to this item: | https://purl.utwente.nl/essays/101021 |
Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Repository Staff Only: item control page