On the adversarial robustness of hand-crafted features and their role in defending adversarial examples

Deep Neural Networks (DNNs) have achieved tremendous success in various computer vision tasks but remain highly vulnerable to adversarial examples. To address this limitation, we investigate the inherent robustness of hand-crafted features and validate their resilience against adversarial perturbations. Building on this insight, we propose two complementary approaches to leverage this robustness for improving the adversarial resilience of DNNs. First, we introduce the Adversarial Awareness Score (AAS), a novel metric that quantifies the robustness disparity between Wavelet Scattering Network (WSN) features and DNN features to detect adversarial inputs. Experiments on the ImageNet dataset demonstrate that our AAS-based detection method achieves an average accuracy of 87.28% across multiple attack types, significantly outperforming state-of-the-art detection methods. Second, we develop an AAS-guided Jacobian regularisation strategy that dynamically penalises the training loss based on the adversarial likelihood of each input, as indicated by the AAS. This adaptive regularisation enhances model robustness while preserving accuracy on clean inputs. Together, these contributions demonstrate the practical utility of hand-crafted features in defending against adversarial threats, thereby building more trustworthy AI systems. (Codes are available at https://github.com/lestrance/RobustAI).