Although the remarkable performance of deep neural networks (DNNs) in image classification, their vulnerability to adversarial attacks remains a critical challenge. Most existing detection methods rely on complex and poorly interpretable architectures, which compromise interpretability and generalization. To address this, we propose FeatureLens, a lightweight framework that acts as a lens to scrutinize anomalies in image features. Comprising an Image Feature Extractor (IFE) and shallow classifiers (e.g., SVM, MLP, or XGBoost) with model sizes ranging from 1,000 to 30,000 parameters, FeatureLens achieves high detection accuracy ranging from 97.8% to 99.75% in closed-set evaluation and 86.17% to 99.6% in generalization evaluation across FGSM, PGD, CW, and DAmageNet attacks, using only 51 dimensional features. By combining strong detection performance with excellent generalization, interpretability, and computational efficiency, FeatureLens offers a practical pathway toward transparent and effective adversarial defense.

翻译：尽管深度神经网络（DNNs）在图像分类任务中表现卓越，但其对对抗攻击的脆弱性仍是一个关键挑战。现有的大多数检测方法依赖于复杂且可解释性差的架构，这损害了可解释性和泛化能力。为此，我们提出了FeatureLens，一个轻量级框架，其作用如同一个透镜，用于审视图像特征中的异常。该框架由一个图像特征提取器（IFE）和浅层分类器（如SVM、MLP或XGBoost）组成，模型参数量在1,000至30,000之间。仅使用51维特征，FeatureLens在闭集评估中对FGSM、PGD、CW和DAmageNet攻击的检测准确率达到97.8%至99.75%，在泛化评估中达到86.17%至99.6%。通过将强大的检测性能与优异的泛化能力、可解释性及计算效率相结合，FeatureLens为实现透明且有效的对抗防御提供了一条实用途径。