Detecting and Rectifying Adversarial Images Dealt by Deep Learning Models

Adversarial attacks on images are minute noises intentionally added to an image that can fool a deep learning model to make a wrong classification. There are few methods developed recently to identify adversarial images, we are using the PCA (principal Component Analysis) whitening method. This research work focuses on reconstructing the adversarial image by removing maximum possible adversarial content while retaining maximum possible original data which brings out the new possibility of rectification after detection of adversarial images. This involves reconstructing the image from the PCA whitened image by reversing the process of whitening. The clean and adversarial images are tested on this process and the deep learning model could classify with an accuracy of 83 percentage. In the future, finer noise filtration processes can be researched on, to retain the original quality of the image.