Resistance to Fast Gradient Sign Method Using Block Switching Algorithm

Abstract

Traditional ways of protecting against the "Fast Gradient Sign Method" attack usually involve methods like altering the input data before processing, training systems to recognize harmful inputs, or identifying harmful inputs directly. However, these traditional methods have a number of shortcomings, including their limited success, vulnerability to more advanced attacks, difficulty in understanding how they work, and too much dependence on standard sets of data for testing.By creating a strong protective,the system against The Fast gradient Sign Technique, the objective of this study is to enhance the resilience of machine learning algorithms against adversarial attacks while improving their safety and dependability in the highest level of accuracy and performance. The studyis guided by three objectives: to investigate the robustness of existing Deep Learning algorithms for defense against the Fast Gradient Sign Method; to implement the block-switching algorithm for defending against the Fast Gradient Sign Method; and to evaluate the performance metric of the block-switching algorithm for the protection of deep learning models against adversarial attacks. The study will consider three theories that underpin the block-switching algorithm including: Avalanche effect, Cryptographic Strength, and Probability theory.The research will use datasets from the Modified National Institute of Standards and Technology and the Canadian Institute for Advanced Research. It will select commonly used deep learning models for image classification, such as Residual Neural Network, Visual Geometry Groups, or Inception, for analysis. The study will employ the Fast Gradient Sign Method to create adversarial examples for each model within the chosen datasets.The researcher will then compare each Deep Learning model's performance on the adversarial dataset with the original dataset to see how resilient each one is against first gradient sign adversarial assaults. To evaluate these criteria including accuracy, precision, recall, and F1 score will be applied. The research will perform a sensitivity analysis on the parameters used in the Fast Gradient Sign Method attack generation to investigate how the attack strength and the number of iterations affect the model's robustness against adversarial attacks.To perform the sensitivity analysis, the researcher will use Python and a set of test data in the Tensor Flowlibrary.