Adversarial attacks threaten the deployment of deep neural networks in safety-critical applications. This paper introduces Adaptive Transformation Scheduling based on Severity confidence scores (ATSS), a novel defense framework that dynamically schedules transformation operations based on estimated attack severity. ATSS employs a multi-layer confidence scoring mechanism to assess adversarial severity and utilizes a multi-armed bandit scheduler to optimize the transformation policy in real time, aiming to achieve superior adversarial robustness while maintaining computational efficiency.
Key findings
ATSS dynamically schedules transformation operations based on estimated attack severity.
A multi-layer confidence scoring mechanism assesses adversarial severity.
A multi-armed bandit approach optimizes the defense strength-computation trade-off.
The proposed method aims to maintain computational efficiency while enhancing robustness against adversarial attacks.
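The scheduling idea summarized above can be sketched as follows. This is an added illustration, not code from the paper: the UCB1 bandit, the severity formula (1 minus mean per-layer confidence), the bucket thresholds, the transformation names, their costs and the accuracy table are all assumptions constructed for the example.

```python
import math

# Constructed values: arm -> relative compute cost of the transformation.
ARMS = {"identity": 0.0, "jpeg_compress": 0.1, "randomized_ensemble": 0.3}
# Constructed post-transformation accuracy per severity bucket (not measured results).
ACCURACY = {
    "low":  {"identity": 0.95, "jpeg_compress": 0.90, "randomized_ensemble": 0.90},
    "mid":  {"identity": 0.50, "jpeg_compress": 0.85, "randomized_ensemble": 0.90},
    "high": {"identity": 0.10, "jpeg_compress": 0.45, "randomized_ensemble": 0.90},
}

def severity_bucket(layer_confidences, thresholds=(0.2, 0.5)):
    """Assumed scoring: severity = 1 - mean of per-layer confidences in [0, 1]."""
    severity = 1.0 - sum(layer_confidences) / len(layer_confidences)
    if severity < thresholds[0]:
        return "low"
    return "mid" if severity < thresholds[1] else "high"

class BanditScheduler:
    """One UCB1 bandit per severity bucket; each arm is a transformation."""
    def __init__(self):
        self.pulls = {b: dict.fromkeys(ARMS, 0) for b in ACCURACY}
        self.total = {b: dict.fromkeys(ARMS, 0.0) for b in ACCURACY}

    def select(self, bucket):
        pulls = self.pulls[bucket]
        untried = [arm for arm, n in pulls.items() if n == 0]
        if untried:                      # try every arm once before using UCB
            return untried[0]
        t = sum(pulls.values())
        def ucb(arm):
            mean = self.total[bucket][arm] / pulls[arm]
            return mean + math.sqrt(2 * math.log(t) / pulls[arm])
        return max(ARMS, key=ucb)

    def update(self, bucket, arm, accuracy, cost_weight=1.0):
        # Reward trades robustness (0/1 correctness or expected accuracy) against cost.
        self.pulls[bucket][arm] += 1
        self.total[bucket][arm] += float(accuracy) - cost_weight * ARMS[arm]

def simulate(rounds=3000):
    """Feed expected accuracies as rewards so the demo is deterministic."""
    sched = BanditScheduler()
    for bucket in ACCURACY:
        for _ in range(rounds):
            arm = sched.select(bucket)
            sched.update(bucket, arm, ACCURACY[bucket][arm])
    return {b: max(ARMS, key=sched.pulls[b].get) for b in ACCURACY}
```

Under these constructed numbers the scheduler settles on no transformation for low-severity inputs and escalates to the costlier transformations only as estimated severity rises, which is the strength versus computation trade-off the summary describes.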
Limitations & open questions
The effectiveness of ATSS in real-world applications with evolving attack patterns is yet to be determined.
The computational overhead introduced by the multi-layer confidence scoring mechanism needs further optimization.