Input restoration adds an extra layer of unknowns and randomness when an adversary evaluates the input and output relationship of the model. This technique reduces the effectiveness of an attacker by preventing or reversing adversarial perturbations.

Explanation

Input restoration adds an extra layer of unknowns and randomness when an attacker evaluates the input and output relationship of the model. 

How it works

This technique reduces the effectiveness of an attacker by preventing or reversing adversarial perturbations. 

How to implement

Pre-processing all inference data.