Learning to Characterize Adversarial Subspaces
Learning to Characterize Adversarial Subspaces
Deep Neural Networks (DNNs) are known to be vulnerable to the maliciously generated adversarial examples. To detect these adversarial examples, previous methods use artificially designed metrics to characterize the properties of adversarial subspaces where adversarial examples lie. However, we find these methods are not working in practical attack detection scenarios. …