Adversarial Examples Detection and Analysis with Layer-wise Autoencoders

This paper presents a mechanism for detecting adversarial examples based on data representations taken from the hidden layers of the target network. Individual autoencoders at intermediate layers of the target network are trained for this purpose. This describes the manifold of true data and, in consequence, can be used to classify whether a given example has the same characteristics as true data. It also gives insight into the behavior of adversarial examples and their flow through the layers of a deep neural network. Experimental results show that our method outperforms the state of the art in supervised and unsupervised settings.