Purifying adversarial perturbations based on a text-guided diffusion model

Shihan Zhu; Wanli Lyu

doi:10.1117/12.3032503

27 May 2024 Purifying adversarial perturbations based on a text-guided diffusion model

Shihan Zhu, Wanli Lyu

Proceedings Volume 13169, Fifth International Conference on Computer Vision and Computational Intelligence (CVCI 2024); 1316908 (2024) https://doi.org/10.1117/12.3032503
Event: Fifth International Conference on Computer Vision and Computational Intelligence (CVCI 2024), 2024, Bangkok, Thailand

Abstract

Deep neural networks (DNNs) have found wide applications in various domains. However, recent research has revealed the vulnerability of DNNs to adversarial examples. Existing adversarial attack methods can easily mislead the models. Moreover, while traditional denoising techniques effectively deter certain attacks, they have limitations. To address this, We propose Text-guided Diffusion Model Purification (TGDP), an adversarial perturbation purification method based on diffusion models.This method preprocesses input images to purify adversarial perturbations. TGDP employs Protogen x3.4 (Photorealism) Official Release as a diffusion model for conditional image generation. During the generation process, text information is incorporated to enhance control over the diffusion model instead of relying entirely on the internal randomness of the model. By iteratively adding Gaussian noise to disrupt the adversarial examples and reversing the noise addition process to restore the image afterward, we can completely eliminate carefully crafted perturbations, achieving the purification objective. Extensive experiments on the ImageNet dataset against common adversarial attacks demonstrate that TGDP outperforms other defense methods applied to the ImageNet dataset.

(2024) Published by SPIE. Downloading of the abstract is permitted for personal use only.

Citation Download Citation

Shihan Zhu and Wanli Lyu "Purifying adversarial perturbations based on a text-guided diffusion model", Proc. SPIE 13169, Fifth International Conference on Computer Vision and Computational Intelligence (CVCI 2024), 1316908 (27 May 2024); https://doi.org/10.1117/12.3032503

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available

Members: $17.00

Non-members: $21.00 ADD TO CART

PROCEEDINGS
10 PAGES

DOWNLOAD PAPER SAVE TO MY LIBRARY

GET CITATION

RIGHTS & PERMISSIONS

Get copyright permission Get copyright permission on Copyright Marketplace

KEYWORDS

Defense and security

Diffusion

Image processing

Image classification

Denoising

Image quality

Image restoration

Show All Keywords

Keywords/Phrases

Search In:

Publication Years