Defense Algorithms Against a Fast Gradient Sign Method Attack

Oğuz Kağan Koçak  •  Clara Nunes
Abstract

Deep learning models (DLMs) are susceptible to malicious manipulations known
as adversarial attacks, one of which is the Fast Gradient Sign Method (FGSM).
This attack adds small, carefully crafted perturbations to input data that
cause the target model to misclassify it.
This paper provides a comprehensive explanation of how FGSM works, including
an analysis of its underlying principles and the mathematical formulation of
the attack. We then explore countermeasures designed to mitigate the impact of
FGSM attacks, ranging from adversarial training and input preprocessing
techniques to more advanced methods such as defensive distillation and
gradient masking.
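As a concrete reference for the discussion that follows, the perturbation
described above can be sketched in a few lines of PyTorch. This is a minimal
illustration under assumed placeholders (a model `model`, a loss function
`loss_fn`, an input batch `x` with labels `y`, and a step size `epsilon`),
not the implementation evaluated in this paper.

```python
# Minimal FGSM sketch (assumptions: `model`, `loss_fn`, `x`, `y`, and
# `epsilon` are placeholders, not artifacts from this paper).
import torch

def fgsm_perturb(model, loss_fn, x, y, epsilon):
    x = x.clone().detach().requires_grad_(True)
    loss = loss_fn(model(x), y)        # J(theta, x, y)
    loss.backward()                    # gradient of the loss w.r.t. the input
    # x_adv = x + epsilon * sign(grad_x J): a single sign-only step that
    # nudges each input component in the direction that increases the loss.
    x_adv = x + epsilon * x.grad.sign()
    return x_adv.clamp(0, 1).detach()  # keep inputs in a valid pixel range
```

The single sign-only gradient step is what makes FGSM cheap to compute and a
standard baseline against which the defenses discussed later are evaluated.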

Outcomes