Proceedings of the 2nd International Conference on Recent Advancement and Modernization in Sustainable Intelligent Technologies & Applications (RAMSITA-2026)

Adversarial Training Using FGSM Attack for Convolutional Neural Networks

Authors
Neha Mehra1, *, Urjita Thakar1, Vrinda Tokekar2
1Shri Govindram Seksaria Institute of Technology and Science (SGSITS), Indore, India
2Institute of Engineering and Technology (IET-DAVV), Indore, India
*Corresponding author. Email: mehra.neha40@gmail.com
Corresponding Author
Neha Mehra
Available Online 28 May 2026.
DOI
10.2991/978-94-6239-678-4_13
Keywords
Adversarial Training; FGSM; Convolutional Neural Networks; Machine Learning Security; Gradient-based Methods; Robustness
Abstract

Deep neural networks are highly vulnerable to adversarial perturbations, which can significantly reduce their classification performance. To address this vulnerability, this work applies Fast Gradient Sign Method (FGSM) based adversarial training to improve the robustness of convolutional neural networks. FGSM generates adversarial examples by applying a single, one-step perturbation in the direction of the gradient sign, which makes it a fast and efficient attack generation method and an efficient way of exposing model weaknesses. In this study, FGSM-crafted samples are incorporated during training, and the effect of varying epsilon values and clean–adversarial data ratios is examined on the MNIST (Modified National Institute of Standards and Technology) dataset, which consists of handwritten digit images, and the CIFAR-10 (Canadian Institute for Advanced Research) dataset, which contains color images across 10 classes. Experimental results show that adversarial training enhances resilience against FGSM attacks while maintaining acceptable accuracy on clean inputs, highlighting its effectiveness as a practical defense strategy for secure deep learning systems.
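The training loop the abstract describes, as an added example that is not code from the paper: it substitutes a logistic-regression classifier for the CNN so that the FGSM gradient can be written in closed form, and it compares clean and FGSM accuracy for three clean-to-adversarial mixes. The data are constructed, and `adv_ratio` (the probability that a training sample is replaced by its FGSM version) is an assumed way of mixing clean and adversarial samples, as are all function names.

```python
import math, random

def sigmoid(z):
    return 1 / (1 + math.exp(-z)) if z >= 0 else math.exp(z) / (1 + math.exp(z))

def logit(w, b, x):
    return sum(wi * xi for wi, xi in zip(w, x)) + b

def fgsm(w, b, x, y, eps):
    # One step: x_adv = x + eps * sign(dLoss/dx); for cross-entropy dLoss/dx = (p - y) * w
    g = sigmoid(logit(w, b, x)) - y
    return [xi + eps * ((g * wi > 0) - (g * wi < 0)) for xi, wi in zip(x, w)]

def train(data, eps=0.0, adv_ratio=0.0, epochs=30, lr=0.1, seed=0):
    # adv_ratio: probability a sample is swapped for its FGSM version (assumed mixing scheme)
    rng = random.Random(seed)
    w, b = [0.0] * len(data[0][0]), 0.0
    for _ in range(epochs):
        for x, y in rng.sample(data, len(data)):
            if rng.random() < adv_ratio:
                x = fgsm(w, b, x, y, eps)  # crafted against the current weights
            g = sigmoid(logit(w, b, x)) - y
            w = [wi - lr * g * xi for wi, xi in zip(w, x)]
            b -= lr * g
    return w, b

def accuracy(w, b, data, eps=0.0):
    # eps > 0 scores the model on FGSM-perturbed copies of the inputs
    hits = sum((logit(w, b, fgsm(w, b, x, y, eps)) > 0) == (y == 1) for x, y in data)
    return hits / len(data)

def make_data(n, seed):
    # Constructed data: feature 0 separates the classes by more than eps, features 1-7 by less
    rng, rows = random.Random(seed), []
    for i in range(n):
        y, s = i % 2, 2 * (i % 2) - 1
        rows.append(([rng.gauss(0.6 * s, 0.2)] + [rng.gauss(0.15 * s, 0.1) for _ in range(7)], y))
    return rows

def run(eps=0.2):
    tr, te, out = make_data(300, 1), make_data(300, 2), {}
    for name, ratio in (("standard", 0.0), ("mixed", 0.5), ("adversarial", 1.0)):
        w, b = train(tr, eps, ratio)
        out[name] = (accuracy(w, b, te), accuracy(w, b, te, eps))
    return out

if __name__ == "__main__":
    for name, (clean, robust) in run().items():
        print(f"{name:12s} clean={clean:.3f} fgsm={robust:.3f}")
```

Each adversarial sample is crafted against the weights at that training step, so the perturbation tracks the model as it learns rather than being generated once up front.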

Copyright
© 2026 The Author(s)
Open Access
Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International License (http://creativecommons.org/licenses/by-nc/4.0/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

Volume Title
Proceedings of the 2nd International Conference on Recent Advancement and Modernization in Sustainable Intelligent Technologies & Applications (RAMSITA-2026)
Series
Advances in Intelligent Systems Research
Publication Date
28 May 2026
ISBN
978-94-6239-678-4
ISSN
1951-6851
Cite this article

TY  - CONF
AU  - Neha Mehra
AU  - Urjita Thakar
AU  - Vrinda Tokekar
PY  - 2026
DA  - 2026/05/28
TI  - Adversarial Training Using FGSM Attack for Convolutional Neural Networks
BT  - Proceedings of the 2nd International Conference on Recent Advancement and Modernization in Sustainable Intelligent Technologies & Applications (RAMSITA-2026)
PB  - Atlantis Press
SP  - 148
EP  - 161
SN  - 1951-6851
UR  - https://doi.org/10.2991/978-94-6239-678-4_13
DO  - 10.2991/978-94-6239-678-4_13
ID  - Mehra2026
ER  -