Enhancing Machine Learning Security With Robust Discretization-Based Defenses Against Adversarial Attacks
Machine learning (ML) models are vulnerable to adversarial examples: small, often imperceptible input perturbations that cause misclassification, with serious consequences in healthcare, finance, and autonomous systems. We propose a defense that transforms continuous input features into discrete representations before inference, so that perturbations smaller than the resolution of the discrete representation are absorbed rather than propagated to the model. We compare three discretization methods (quantization, binning, and entropy-based partitioning) across model families including decision trees and deep neural networks. The defense is evaluated on adversarial datasets (ImageNet-A, MNIST Adversarial, CIFAR-10 Adversarial) against the Fast Gradient Sign Method (FGSM), Projected Gradient Descent (PGD), and Carlini-Wagner (CW) attacks, measuring accuracy, robustness, adversarial transferability, and computational efficiency. Results show that discretization reduces adversarial misclassification by 30% while maintaining prediction accuracy. Because discretization is a preprocessing step rather than a change to training, its cost is low compared with adversarial training, which makes it practical at scale. Future work explores adaptive and hybrid discretization schemes to further improve robustness and optimize the robustness-efficiency trade-off.
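The following is an added, self-contained example (not the paper's code) of the mechanism the abstract describes: three per-feature discretizers (uniform quantization, equal-frequency binning, and a greedy entropy-based partitioning), an FGSM-style L-infinity perturbation applied to a constructed input, and a check of how much of that perturbation each discretizer absorbs. The training column, labels, input vector, gradient signs and the epsilon are all constructed for illustration; the function names are this example's own.

```python
"""Discretization as an input-space defense against small perturbations.

Added example, not the paper's code. Inputs below are constructed.
"""
import math
from bisect import bisect_right
from collections import Counter


def uniform_edges(levels):
    """Interior cut points for `levels` equal-width bins on [0, 1]."""
    return [i / levels for i in range(1, levels)]


def equal_frequency_edges(column, bins):
    """Cut points so each bin holds roughly the same number of
    training values (quantile binning)."""
    s = sorted(column)
    n = len(s)
    return [s[(i * n) // bins] for i in range(1, bins)]


def _entropy(labels):
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())


def _partition_entropy(values, labels, edges):
    """Class entropy of `labels`, weighted over the bins `edges` induce."""
    groups = {}
    for v, y in zip(values, labels):
        groups.setdefault(bisect_right(edges, v), []).append(y)
    n = len(values)
    return sum(len(g) / n * _entropy(g) for g in groups.values())


def entropy_edges(column, labels, max_cuts):
    """Greedy supervised partitioning: repeatedly add the midpoint cut that
    lowers weighted class entropy the most; stop when no cut helps."""
    uniq = sorted(set(column))
    candidates = [(a + b) / 2 for a, b in zip(uniq, uniq[1:])]
    edges, best = [], _partition_entropy(column, labels, [])
    while len(edges) < max_cuts:
        trials = [(_partition_entropy(column, labels, sorted(edges + [c])), c)
                  for c in candidates if c not in edges]
        if not trials:
            break
        score, cut = min(trials)
        if score >= best - 1e-12:
            break
        best, edges = score, sorted(edges + [cut])
    return edges


def discretize(x, edges_per_feature):
    """Replace each feature by the index of the bin it falls in."""
    return [bisect_right(e, v) for v, e in zip(x, edges_per_feature)]


def fgsm_perturb(x, grad_sign, eps):
    """One FGSM step on a [0,1]-bounded input: x + eps*sign(grad), clipped."""
    return [min(1.0, max(0.0, v + eps * s)) for v, s in zip(x, grad_sign)]


def absorbed_fraction(x, x_adv, edges_per_feature):
    """Fraction of features whose bin index the perturbation did not change."""
    a = discretize(x, edges_per_feature)
    b = discretize(x_adv, edges_per_feature)
    return sum(i == j for i, j in zip(a, b)) / len(a)


def min_flip_distance(x, edges_per_feature):
    """Distance from x to the nearest cut point in any feature: the only
    perturbation radius the discretizer absorbs for certain. An attacker
    who knows the cut points aims exactly there."""
    return min(min(abs(v - c) for c in e)
               for v, e in zip(x, edges_per_feature) if e)


# Constructed training column and labels for the supervised discretizer:
# class 1 clusters at low values, class 0 at high values.
TRAIN_COL = [0.05, 0.10, 0.15, 0.20, 0.55, 0.60, 0.80, 0.90]
TRAIN_LAB = [1, 1, 1, 1, 0, 0, 0, 0]


def demo(eps=0.03):
    """Absorption of an FGSM step under two discretizers (constructed data)."""
    x = [0.30, 0.50, 0.70, 0.06]      # constructed clean input in [0,1]^4
    grad_sign = [1, -1, 1, -1]        # constructed loss-gradient signs
    x_adv = fgsm_perturb(x, grad_sign, eps)
    uniform = [uniform_edges(8)] * 4                       # 8 equal-width bins
    quantile = [equal_frequency_edges(TRAIN_COL, 4)] * 4   # 4 quantile bins
    return {
        "uniform_absorbed": absorbed_fraction(x, x_adv, uniform),
        "uniform_flip_radius": min_flip_distance(x, uniform),
        "quantile_absorbed": absorbed_fraction(x, x_adv, quantile),
        "quantile_flip_radius": min_flip_distance(x, quantile),
    }


if __name__ == "__main__":
    print(demo())
    print("entropy cuts:", entropy_edges(TRAIN_COL, TRAIN_LAB, 3))
```

Two points the numbers make clear: the coarser quantile bins absorb the whole step while the finer uniform grid lets one feature flip, which is the robustness-versus-resolution trade-off the abstract mentions; and the guaranteed absorption radius is the distance to the nearest cut point, which is zero for a feature sitting on a boundary. A practitioner should also note that a discretizer has zero gradient almost everywhere, so FGSM and PGD run through it measure gradient masking, not robustness; evaluate with a straight-through or BPDA-style gradient and with transfer attacks before trusting the reported gain.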