Friday 28 March 2025
The quest for a more secure artificial intelligence has led researchers to explore new ways of designing neural networks that can withstand attacks from malicious hackers. A recent study has shed light on the effectiveness of one such approach, known as Deep Linearly Gated Networks (DLGN), in protecting against adversarial attacks.
In traditional machine learning models, an attacker can manipulate inputs to deceive the model and cause it to misclassify data. This is particularly concerning for applications where AI decisions have serious consequences, such as self-driving cars or medical diagnosis. DLGNs aim to address this issue by introducing a novel architecture that limits the impact of adversarial attacks.
The researchers trained two types of models: one using the standard training method (STD-TR) and another using the PGD-AT (Projected Gradient Descent with Adversarial Training) approach, which involves training the model on both original data and adversarial examples. The team then tested these models against various types of attacks and evaluated their performance.
The results showed that the PGD-AT model was significantly more resistant to attacks than the STD-TR model. In fact, it was able to correctly classify 93% of adversarial examples, compared to just 0% for the STD-TR model. This is a major improvement, as it suggests that DLGNs can learn to recognize and reject malicious inputs.
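The STD-TR versus PGD-AT comparison described above, as an added example that is not the study's code. It uses a plain linear logistic classifier rather than a DLGN, and the dataset (one strong feature plus 50 weak ones), attack budget, step size and learning rate are all constructed for illustration.

```python
import math

EPS, ALPHA, PGD_STEPS = 0.5, 0.125, 4   # L-inf budget, step size, iterations (assumed values)

def make_data(n_weak=50):
    """Constructed toy set: one strong feature plus many weak ones, all label-correlated."""
    return [([y * b] + [y * 0.05] * n_weak, y)
            for y in (1, -1) for b in (1.0, 1.1, 1.2, 1.3)]

def margin(w, x, y):
    return y * sum(wi * xi for wi, xi in zip(w, x))

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def pgd(w, x, y):
    """Worst-case L-inf perturbation of x for the logistic loss of a linear model."""
    delta = [0.0] * len(x)
    for _ in range(PGD_STEPS):
        xa = [xi + di for xi, di in zip(x, delta)]
        g = -y * sigmoid(-margin(w, xa, y))                  # dLoss/d(w.x)
        for i, wi in enumerate(w):
            step = ALPHA * ((g * wi > 0) - (g * wi < 0))     # signed gradient ascent
            delta[i] = max(-EPS, min(EPS, delta[i] + step))  # project into the eps-ball
    return [xi + di for xi, di in zip(x, delta)]

def train(data, adversarial, lr=0.02, epochs=200):
    """STD-TR when adversarial=False; PGD-AT (clean plus adversarial batch) when True."""
    w = [0.0] * len(data[0][0])
    for _ in range(epochs):
        batch = list(data)
        if adversarial:  # craft adversarial copies against the current weights
            batch += [(pgd(w, x, y), y) for x, y in data]
        grad = [0.0] * len(w)
        for x, y in batch:
            s = sigmoid(-margin(w, x, y))
            for i, xi in enumerate(x):
                grad[i] -= s * y * xi / len(batch)
        w = [wi - lr * gi for wi, gi in zip(w, grad)]
    return w

def accuracy(w, data, attacked):
    hits = sum(margin(w, pgd(w, x, y) if attacked else x, y) > 0 for x, y in data)
    return hits / len(data)

def compare():
    data = make_data()
    std, at = train(data, False), train(data, True)
    return {"std_clean": accuracy(std, data, False), "std_robust": accuracy(std, data, True),
            "at_clean": accuracy(at, data, False), "at_robust": accuracy(at, data, True)}
```

On this toy set the standard model spreads weight over the weak features, which the perturbation budget can flip, while the adversarially trained model keeps those weights near zero and relies on the strong feature.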
Another key finding was the difference in how the two models processed data. The PGD-AT model exhibited a more linear relationship between input features and output classes, whereas the STD-TR model showed a non-linear relationship. This suggests that the PGD-AT model is better able to distinguish between genuine and adversarial inputs.
The researchers also examined the activation patterns within the neural networks, which revealed interesting insights into how the models processed data. The PGD-AT model displayed more active gates in response to adversarial examples, indicating that it was able to detect and reject malicious inputs more effectively. In contrast, the STD-TR model showed a more uniform pattern of activation across all layers.
These findings have significant implications for the development of secure AI systems. By incorporating DLGNs into machine learning models, researchers can create more robust systems that are better equipped to withstand attacks from malicious hackers. This is particularly important in applications where AI decisions have serious consequences, such as healthcare or finance.
Cite this article: “Deep Linearly Gated Networks: A Novel Approach to Securing Artificial Intelligence against Adversarial Attacks”, The Science Archive, 2025.