Detection of Adversarial Examples Through Chaotic Features Extracted From Ordinal Patterns
Deep learning (DL) has significantly transformed computer vision, demonstrating remarkable achievements and extensive real-world applications. However, recent studies have highlighted a critical vulnerability of DL models to adversarial examples (AE), where slight perturbations in input data can lea...
| Autores: | , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Fecha de publicación: | 2026 |
| País: | España |
| Institución: | Fundación Dialnet. Universidad de La Rioja |
| Repositorio: | RUIdeRA. Repositorio Institucional de la UCLM |
| OAI Identifier: | oai:ruidera.uclm.es:10578/47766 |
| Acceso en línea: | https://ietresearch.onlinelibrary.wiley.com/doi/full/10.1049/ipr2.70323 https://hdl.handle.net/10578/47766 |
| Access Level: | acceso abierto |
| Palabra clave: | Adversarial Examples Chaotic Features Ordinal Patterns |
| Sumario: | Deep learning (DL) has significantly transformed computer vision, demonstrating remarkable achievements and extensive real-world applications. However, recent studies have highlighted a critical vulnerability of DL models to adversarial examples (AE), where slight perturbations in input data can lead to erroneous outputs. We observe that the behaviour of the AE is similar to a chaotic system, where a minor change in the input leads to a significantly different output. In response, we propose a novel approach for detecting and categorizing adversarial inputs encountered by classification neural networks. The proposed approach focuses on extracting statistical profiles, termed as chaotic feature vectors (CFVs), from a collection of features derived from ordinal patterns (OP). In this work, the proposed AE detection method is tested on seven attack methods and three image datasets including MNIST, FMNIST and CIFAR10. The results indicate that CFVs exhibit promising capabilities in discerning AE against various types of adversarial attacks on different datasets. This advancement lays the foundation for devising attack mitigation strategies, thereby enhancing the robustness and security of DL models in the face of adversarial threats. |
|---|