Countering Adversarial Zeroth Order Optimization Attacks Based on Neural-Cleanse, Gaussian and Poisson Noise Adding

Nowadays, machine learning is becoming an increasingly widely used artificial intelligence technology and is being actively implemented in various fields of science and technology, such as defense against cyber attacks, image recognition, computer vision, autonomous vehicles and other complex tasks. However, despite the benefits of machine learning, it attracts the attention of attackers. Cyberattacks against machine learning models, such as classifiers or artificial neural networks, can seriously distort the results of these models and cause irreversible damage to machine learning-based decision-making systems. Therefore, research aimed at countering cyber attacks using machine learning models is becoming very important nowadays. The paper presents a method for protecting against adversarial attacks, Zeroth Order Optimization (ZOO), which is based on the use of Neural-Cleanse technology and the addition of Gaussian and Poisson noise. The proposed approach is aimed at increasing the resistance of neural networks to malicious attacks by additional processing of input data and complicating the optimization problem for attackers. An experimental evaluation of the proposed approach was carried out on the PC Parts Images Dataset using the K-Nearest Neighbors, Random Forest, Naive Bayes Classifier, and Decision Trees classifiers. The study results showed the high efficiency of the proposed approach to protecting models from the effects of adversarial ZOO attacks. The findings may be useful for developing more reliable systems and improving security in the field of machine learning.