{N. B. Puhan Soumya P. Dash Aryaman Sinha}

Abstract

In this work, a non-orthogonal multiple access (NOMA)-inspired defense method is proposed to mitigate the effect of adversarial attacks, which pose a major challenge towards deep neural networks (DNNs) in multimedia networks. The novel defense method, namely NOMA-inspired reconstruction operation (NOMARO), incorporates a copy of the input image generated by applying the untargeted adversarial attack. The copy and input images are superposed with a power allocation factor inversely proportional to the correlation between the considered images. To the best of our knowledge, this is the first communication theory based approach to design an adversarial defense method to be useful in multimedia applications. A comparative study with the existing defense techniques shows the superior performance of the proposed NOMARO defense against the state-of-the-art C&W and Square attacks in white-box and black-box settings, respectively, on popular DNN models.