AEGIS: A Semantic GAN and Evidential Learning Frameworkfor Robust Adversarial Detection in Vision Sensors
Quick Answer
AEGIS introduces a robust adversarial detection framework utilizing a SemantiGAN module and Evidential Deep Learning, achieving an AUROC of 92.1% and outperforming traditional detectors on the Tiny ImageNet dataset.
Quick Take
AEGIS introduces a robust adversarial detection framework utilizing a SemantiGAN module and Evidential Deep Learning, achieving an AUROC of 92.1% and outperforming traditional detectors on the Tiny ImageNet dataset. The framework effectively filters adversarial inputs and provides calibrated uncertainty estimates, enhancing image classification in vision sensor networks.
Key Points
- SemantiGAN filters adversarial inputs before they affect the classification pipeline.
- Evidential Deep Learning models output evidence with a Dirichlet distribution.
- AEGIS achieves 90.7% accuracy across various adversarial attack types.
- Framework demonstrates improved interpretability and uncertainty calibration.
- Evaluated on Tiny ImageNet, outperforming conventional softmax-based detectors.
Paper Resources
Article Content
From source RSS / original summaryarXiv:2606. 28416v1 Announce Type: new Abstract: Deep neural networks (DNNs) have shown outstanding performance in visual recognition tasks within vision sensor networks; however, they are still vulnerable to adversarial manipulations and imperceptible perturbations that can lead to erroneous predictions. To address that, this paper presents AEGIS, a semantic aware and uncertainty guided adversarial detection framework designed for robust image classification in vision sensors pipelines.
At its core, a SemantiGAN module functions as a multi class semantic discriminator, identifying and filtering visually inconsistent adversarial inputs before they propagate further in the pipeline. For inputs that pass this stage, a stochastic augmentation process generates test time variations, from which handcrafted instability metrics FlipScore, Prediction Inconsistency, Layerwise Cosine Similarity (early and mid layers), and Entropy are computed.
These features are aggregated into a compact five dimensional vector and processed by an Evidential Deep Learning (EDL) classifier, which models output evidence using a Dirichlet distribution to yield both class predictions and calibrated uncertainty estimates. Evaluations on the Tiny ImageNet dataset across six categories clean, FGSM, PGD, patch based, functional, and geometric attacks demonstrate the effectiveness of AEGIS. The proposed framework achieves an AUROC of 92. 1\%, an AUPRC of 90.
2\%, and an accuracy of 90. 7\%, outperforming conventional softmax-based detectors in terms of detection performance, robustness, interpretability, and uncertainty calibration.
Want this in your inbox every morning?
Daily brief at your local 8am — bilingual EN/中文, free.
More from arXiv cs.CV
See more →LLM-Guided ANN Index Optimization for Human-Object Interaction Retrieval
A phase-aware LLM agent optimizes human-object interaction retrieval, outperforming Optuna TPE by 33.3% and VDTuner by 34.2% on the HICO-DET benchmark. This method enhances throughput by 15.3x over UniIR and demonstrates strong transferability across vector database management systems.