Skip to main content
EURASIP Journal on Information Security

Table 3 Classification accuracy on the MNIST test dataset under the white-box attack

From: Secure machine learning against adversarial samples at test time

Attack FGSM C&W BIM DeepFool
Original 29% 7% 7% 29%
Adversarial training (ART) 98% 49% 98% 42%
Robust classifier 100% 98% 99% 99%
Back to article page