Language selection

Government of Canada / Gouvernement du Canada

Search

Learning from the good ones: risk profiling-based defenses against evasion attacks on DNNs

From National Research Council Canada

DOIResolve DOI: https://doi.org/10.1109/DSN-W65791.2025.00073
AuthorSearch for: ; Search for: ; Search for: 1ORCID identifier: https://orcid.org/0000-0001-7819-5715; Search for:
Affiliation
  1. National Research Council Canada. Digital Technologies
FormatText, Article
Conference55th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W 2025), June 23-26, 2025, Naples, Italy
Subjectdegradation; accuracy; conferences; medical services; artificial neural networks; computational efficiency; vehicle dynamics; autonomous vehicles
Abstract
Deep neural networks (DNNs) have gained traction in safety-critical applications such as healthcare [1]–[5] and autonomous vehicles (AVs) [6]–[8]. However, DNNs are highly susceptible to evasion attacks [9]–[11], which trick DNNs into misclassifying an adversarial sample at inference time [12], [13]. Researchers have proposed several defenses to protect DNNs against evasion attacks, with defenses being either static or dynamic in nature. Static defenses are easier to implement, demonstrate higher accuracy on benign data, and are more computationally efficient, but cannot adapt to different attack strategies or the evolving behavior of victim instances (e.g., patients) [14]. Dynamic defenses are more robust to evasion attacks because they adapt to evolving attack and victim behaviors, but suffer from degradation of benign data accuracy and high computational overhead at inference time. Therefore, they are not suitable for time-sensitive safety-critical applications [15].
Publication date
PublisherIEEE
In
  • 55th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W 2025) Proceedings, 11071627 (14 July 2025): 256258.
Other version
  • Elnawawy, Mohammed, Gargi Mitra, Shahrear Iqbal, and Karthik Pattabiraman. ‘Learning from the Good Ones: Risk Profiling-Based Defenses Against Evasion Attacks on DNNs’. arXiv, 2025. https://doi.org/10.48550/ARXIV.2505.06477.
LanguageEnglish
Peer reviewedYes
Export citationExport as RIS
Report a correctionReport a correction (opens in a new tab)
Record identifiereee97a15-c30e-4405-8c1b-d9d5cd863a68
Record created2025-07-31
Record modified2025-08-01
Date modified: