{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T11:09:24Z","timestamp":1773054564853,"version":"3.50.1"},"reference-count":33,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2020,5,22]],"date-time":"2020-05-22T00:00:00Z","timestamp":1590105600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["BDCC"],"abstract":"<jats:p>In this work, we propose a novel defense system against adversarial examples leveraging the unique power of Generative Adversarial Networks (GANs) to generate new adversarial examples for model retraining. To do so, we develop an automated pipeline using combination of pre-trained convolutional neural network and an external GAN, that is, Pix2Pix conditional GAN, to determine the transformations between adversarial examples and clean data, and to automatically synthesize new adversarial examples. These adversarial examples are employed to strengthen the model, attack, and defense in an iterative pipeline. Our simulation results demonstrate the success of the proposed method.<\/jats:p>","DOI":"10.3390\/bdcc4020011","type":"journal-article","created":{"date-parts":[[2020,5,22]],"date-time":"2020-05-22T10:18:18Z","timestamp":1590142698000},"page":"11","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Developing a Robust Defensive System against Adversarial Examples Using Generative Adversarial Networks"],"prefix":"10.3390","volume":"4","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3421-566X","authenticated-orcid":false,"given":"Shayan","family":"Taheri","sequence":"first","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of Central Florida, Orlando, FL 32816, USA"}]},{"given":"Aminollah","family":"Khormali","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of Central Florida, Orlando, FL 32816, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6703-6839","authenticated-orcid":false,"given":"Milad","family":"Salem","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of Central Florida, Orlando, FL 32816, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2548-8327","authenticated-orcid":false,"given":"Jiann-Shiun","family":"Yuan","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of Central Florida, Orlando, FL 32816, USA"}]}],"member":"1968","published-online":{"date-parts":[[2020,5,22]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"378","DOI":"10.1016\/j.comnet.2012.07.021","article-title":"Botnets: A survey","volume":"57","author":"Silva","year":"2013","journal-title":"Comput. Netw."},{"key":"ref_2","unstructured":"Manyika, J., Chui, M., Bisson, P., Woetzel, J., Dobbs, R., Bughin, J., and Aharon, D. (2015). Unlocking the Potential of the Internet of Things, McKinsey Global Institute."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Taheri, S., Salem, M., and Yuan, J.S. (2018). Leveraging Image Representation of Network Traffic Data and Transfer Learning in Botnet Detection. Big Data Cogn. Comput., 2.","DOI":"10.3390\/bdcc2040037"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Vinayakumar, R., Alazab, M., Srinivasan, S., Pham, Q.V., Padannayil, S.K., and Simran, K. (2020). A Visualized Botnet Detection System based Deep Learning for the Internet of Things Networks of Smart Cities. IEEE Trans. Ind. Appl.","DOI":"10.1109\/TIA.2020.2971952"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"54360","DOI":"10.1109\/ACCESS.2019.2913439","article-title":"Adversarial examples for CNN-based malware detectors","volume":"7","author":"Chen","year":"2019","journal-title":"IEEE Access"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., and Swami, A. (2016, January 7\u20138). The limitations of deep learning in adversarial settings. Proceedings of the 2016 IEEE European Symposium on Security and Privacy (EuroS&P), San Sebastian, Spain.","DOI":"10.1109\/EuroSP.2016.36"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z.B., and Swami, A. (2017, January 2\u20136). Practical black-box attacks against machine learning. Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, Abu Dhabi, UAE.","DOI":"10.1145\/3052973.3053009"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Moosavi-Dezfooli, S.M., Fawzi, A., and Frossard, P. (2016, January 27\u201330). Deepfool: A simple and accurate method to fool deep neural networks. Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Las Vegas, NV, USA.","DOI":"10.1109\/CVPR.2016.282"},{"key":"ref_9","unstructured":"Wang, B., Yao, Y., Viswanath, B., Zheng, H., and Zhao, B.Y. (2018, January 15\u201317). With great training comes great vulnerability: Practical attacks against transfer learning. Proceedings of the 27th USENIX Security Symposium (USENIX Security 18), Baltimore, MD, USA."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"2805","DOI":"10.1109\/TNNLS.2018.2886017","article-title":"Adversarial examples: Attacks and defenses for deep learning","volume":"30","author":"Yuan","year":"2019","journal-title":"IEEE Trans. Neural Netw. Learn. Syst."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"828","DOI":"10.1109\/TEVC.2019.2890858","article-title":"One pixel attack for fooling deep neural networks","volume":"23","author":"Su","year":"2019","journal-title":"IEEE Trans. Evol. Comput."},{"key":"ref_12","unstructured":"Goodfellow, I.J., Shlens, J., and Szegedy, C. (2015, January 7\u20139). Explaining and harnessing adversarial examples. Proceedings of the International Conference on Learning Representation ICLR, San Diego, CA, USA."},{"key":"ref_13","unstructured":"Kurakin, A., Goodfellow, I., and Bengio, S. (2016). Adversarial examples in the physical world. arXiv."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Grosse, K., Papernot, N., Manoharan, P., Backes, M., and McDaniel, P. (2017, January 11\u201315). Adversarial examples for malware detection. Proceedings of the European Symposium on Research in Computer Security, Oslo, Norway.","DOI":"10.1007\/978-3-319-66399-9_4"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"2640","DOI":"10.1109\/TIFS.2017.2718479","article-title":"No bot expects the DeepCAPTCHA! Introducing immutable adversarial examples, with applications to CAPTCHA generation","volume":"12","author":"Osadchy","year":"2017","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_16","unstructured":"Buckman, J., Roy, A., Raffel, C., and Goodfellow, I. (May, January 30). Thermometer encoding: One hot way to resist adversarial examples. Proceedings of the International Conference on Learning Representation ICLR, Vancouver, BC, Canada."},{"key":"ref_17","unstructured":"Guo, C., Rana, M., Cisse, M., and Van Der Maaten, L. (May, January 30). Countering adversarial images using input transformations. Proceedings of the International Conference on Learning Representation ICLR, Vancouver, BC, Canada."},{"key":"ref_18","unstructured":"Song, Y., Kim, T., Nowozin, S., Ermon, S., and Kushman, N. (May, January 30). Pixeldefend: Leveraging generative models to understand and defend against adversarial examples. Proceedings of the International Conference on Learning Representation ICLR, Vancouver, BC, Canada."},{"key":"ref_19","unstructured":"Athalye, A., Carlini, N., and Wagner, D. (2018, January 25\u201331). Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples. Proceedings of the 35th International Conference on Machine Learning, Vienna, Austria."},{"key":"ref_20","unstructured":"Goodfellow, I., Pouget-Abadie, J., Mirza, M., Xu, B., Warde-Farley, D., Ozair, S., Courville, A., and Bengio, Y. (2014, January 8\u201313). Generative adversarial nets. Proceedings of the Advances in Neural Information Processing Systems, Montreal, QC, Canada."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Isola, P., Zhu, J.Y., Zhou, T., and Efros, A.A. (2017, January 21\u201328). Image-to-image translation with conditional adversarial networks. Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Honolulu, HI, USA.","DOI":"10.1109\/CVPR.2017.632"},{"key":"ref_22","unstructured":"Wang, W., Zhu, M., Zeng, X., Ye, X., and Sheng, Y. (2017, January 11\u201313). Malware traffic classification using convolutional neural network for representation learning. Proceedings of the 2017 International Conference on Information Networking (ICOIN), Da Nang, Vietnam."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"273","DOI":"10.1007\/BF00994018","article-title":"Support-vector networks","volume":"20","author":"Cortes","year":"1995","journal-title":"Mach. Learn."},{"key":"ref_24","unstructured":"Ho, T.K. (1995, January 14\u201316). Random decision forests. Proceedings of the 3rd International Conference on Document Analysis and Recognition, Montreal, QC, Canada."},{"key":"ref_25","unstructured":"Yosinski, J., Clune, J., Bengio, Y., and Lipson, H. (2014, January 8\u201313). How transferable are features in deep neural networks?. Proceedings of the Advances in Neural Information Processing Systems, Montreal, QC, Canada."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Dong, Y., Pang, T., Su, H., and Zhu, J. (2019, January 15\u201320). Evading defenses to transferable adversarial examples by translation-invariant attacks. Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Long Beach, CA, USA.","DOI":"10.1109\/CVPR.2019.00444"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"36322","DOI":"10.1109\/ACCESS.2019.2905015","article-title":"Recent progress on generative adversarial networks (GANs): A survey","volume":"7","author":"Pan","year":"2019","journal-title":"IEEE Access"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Tolosana, R., Vera-Rodriguez, R., Fierrez, J., Morales, A., and Ortega-Garcia, J. (2020). DeepFakes and Beyond: A Survey of Face Manipulation and Fake Detection. arXiv.","DOI":"10.1016\/j.inffus.2020.06.014"},{"key":"ref_29","unstructured":"Engel, J., Agrawal, K.K., Chen, S., Gulrajani, I., Donahue, C., and Roberts, A. (2019). Gansynth: Adversarial neural audio synthesis. arXiv."},{"key":"ref_30","unstructured":"De Cao, N., and Kipf, T. (2018). MolGAN: An implicit generative model for small molecular graphs. arXiv."},{"key":"ref_31","unstructured":"Madry, A., Makelov, A., Schmidt, L., Tsipras, D., and Vladu, A. (May, January 30). Towards deep learning models resistant to adversarial attacks. Proceedings of the International Conference on Learning Representation ICLR, Vancouver, BC, Canada."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1016\/j.cose.2014.05.011","article-title":"An empirical comparison of botnet detection methods","volume":"45","author":"Garcia","year":"2014","journal-title":"Comput. Secur."},{"key":"ref_33","unstructured":"Papernot, N., Faghri, F., Carlini, N., Goodfellow, I., Feinman, R., Kurakin, A., Xie, C., Sharma, Y., Brown, T., and Roy, A. (2018). Technical Report on the CleverHans v2.1.0 Adversarial Examples Library. arXiv."}],"container-title":["Big Data and Cognitive Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2504-2289\/4\/2\/11\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T09:31:35Z","timestamp":1760175095000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2504-2289\/4\/2\/11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,5,22]]},"references-count":33,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2020,6]]}},"alternative-id":["bdcc4020011"],"URL":"https:\/\/doi.org\/10.3390\/bdcc4020011","relation":{},"ISSN":["2504-2289"],"issn-type":[{"value":"2504-2289","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,5,22]]}}}