Convolutional neural networks (CNN) are widely used by researchers due to their extensive advantages over various applications. However, images are highly susceptible to malicious attacks using perturbations that are unrecognized even under human intervention. This causes significant security perils and challenges to CNN-related applications. In this article, an efficient adversarial training model against malevolent attacks is demonstrated. This model is highly robust to black-box malicious examples, it is processed with different malicious samples. Initially, malicious training models like fast gradient descent (FGS), recursive-FGSM (I-FGS), Deep-Fool, and Carlini and Wagner (CW) techniques are utilized that generate adversarial input by means of the CNN acknowledged to the attacker. In the experimentation process, the MNIST dataset comprising 60K and 10K training and testing grey-scale images are utilized. In the experimental section, the adversarial training model reduces the attack accuracy rate (ASR) by an average of 29.2% for different malicious inputs, when preserving the accuracy of 98.9% concerning actual images in the MNIST database. The simulation outcomes show the preeminence of the model against adversarial attacks.

Adversarial instances; Adversarial training models; Convolutional neural network; Deep learning; Defensive mechanism; Image manipulation