Class Retrieval of Adversarial Attacks

Adversarial attacks pose a genuine threat in practical machine learning applications. There are existing methods to detect these attacks, which can only prevent the systems from making erroneous decisions, but not helping them in any way. Here we will present a new, additional and required element to ameliorate adversarial attacks: the recovery of the original class after a detected attack. Recovering the original class of an adversarial sample without taking any precautions is an uncharted concept which we would like to introduce with our retrieval algorithm based on counter attacks. As case studies, we demonstrate the validity of our approach on MNIST, CIFAR10 and ImageNet datasets where recovery rates were 88%, 53% and 62% accordingly.