Defed: An Edge-Feature-Enhanced Image Denoised Network Against Adversarial Attacks for Secure Internet of Things

Yang Xiao, Chengjia Yan, Shuo Lyu, Qingqi Pei, Ximeng Liu, Ning Zhang, Mianxiong Dong

Research output: Contribution to journalArticlepeer-review


With the prosperous development of Internet of Things (IoT), IoT devices have been deployed in various applications, which generates large volume of image data to trace and record the users' behaviors, resulting in better IoT services. To accurately analyze these huge data to further improve users' experience on IoT services, deep neural networks (DNNs) are gaining more attention and have become increasingly popular. However, recent studies have shown that DNN models are vulnerable to adversarial attacks, which leads to the risk of applications in practice. Previous works are devoted to extract invariant features from the content circled by edges in images, while such features cannot efficiently deal with the adversarial effect. In this work, we first study this problem from a new angle by exploring the edge feature information, which is intractable to be influenced by adversarial attacks demonstrated by our empirical analysis. Based on this, we propose a novel edge feature-enhanced defense approach called Defed which incorporates edge feature information into denoised network to defend against various adversarial attacks in image area. For the training phase, we only add benign images as the input and exert Gaussian noise to substitute the adversarial attacks to mitigate the dependency of models on specific adversarial attacks. For inference, we design a combination of multiple Defeds trained by different Gaussian noise levels and deploy confidence intervals to judge whether an image is adversarial or not. Experiments over real-world data sets on image classification demonstrate the efficacy and superiority compared to the state-of-the-art defense approaches.

Original languageEnglish
Pages (from-to)6836-6848
Number of pages13
JournalIEEE Internet of Things Journal
Issue number8
StatePublished - Apr 15 2023

Bibliographical note

Funding Information:
This work was supported in part by the National Key Research and Development Program of China under Grant 2022YFB3102700; in part by the National Natural Science Foundation of China under Grant 62132013, Grant 62102295, and Grant 62202358; in part by the Key Research and Development Programs of Shaanxi under Grant 2021ZDLGY06-03; and in part by the Fundamental Research Funds for the Central Universities under Grant XJS211513.

Publisher Copyright:
© 2014 IEEE.


  • Adversarial attacks
  • Internet of Things (IoT)
  • defense
  • security

ASJC Scopus subject areas

  • Information Systems
  • Signal Processing
  • Hardware and Architecture
  • Computer Networks and Communications
  • Computer Science Applications


Dive into the research topics of 'Defed: An Edge-Feature-Enhanced Image Denoised Network Against Adversarial Attacks for Secure Internet of Things'. Together they form a unique fingerprint.

Cite this