Upload File

a theoretical framework for robustness of ......a theoretical framework for robustness of (deep)...

  • Home
  • Documents
  • A THEORETICAL FRAMEWORK FOR ROBUSTNESS OF ......A THEORETICAL FRAMEWORK FOR ROBUSTNESS OF (DEEP) CLASSIFIERS UNDER ADVERSARIAL EXAMPLES Beilun Wang, Ji Gao and Yanjun Qi Department
1
A THEORETICAL FRAMEWORK FOR ROBUSTNESS OF (DEEP) CLASSIFIERS UNDER ADVERSARIAL EXAMPLES Beilun Wang, Ji Gao and Yanjun Qi Department of Computer Science, University of Virginia Problem Setting: Define Adversarial Examples: Towards Principled Solutions (for DNNs): Our theorems suggest a list of possible solutions that may improve the robustness of DNN classifiers against adversarial samples. Options include, like (1) learning a better 1 2 ; (2) modifying unnecessary features (See Poster DeepMask-Tuesday Morning W18 ). For (1), the alternative method for hardening the DNN models is minimizing some loss functions 3 4 5 (7, 7′) so that when : . (; . 7 ,; . (7′)) < = (approximated by (>, ∥⋅∥)), this loss 3 4 5 (7, 7′) is small. A table of comparing existing hardening solutions using this method is shown as following: Experiment Evaluation Define (A B , C)-Strong-robustness: Why DNN model is not strong-robust. Why a classifier is vulnerable to adversarial samples. Sufficient Condition for Strong-robustness: Strong-robustness for D . Experimental Evaluation: Towards Principled Understanding

Upload: others

Post on 14-Sep-2020

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: A THEORETICAL FRAMEWORK FOR ROBUSTNESS OF ......A THEORETICAL FRAMEWORK FOR ROBUSTNESS OF (DEEP) CLASSIFIERS UNDER ADVERSARIAL EXAMPLES Beilun Wang, Ji Gao and Yanjun Qi Department

ATHEORETICALFRAMEWORKFORROBUSTNESSOF(DEEP)CLASSIFIERSUNDERADVERSARIALEXAMPLES

BeilunWang,JiGaoandYanjun QiDepartmentofComputerScience,UniversityofVirginia

ProblemSetting:

DefineAdversarialExamples:

TowardsPrincipledSolutions(forDNNs):

OurtheoremssuggestalistofpossiblesolutionsthatmayimprovetherobustnessofDNNclassifiersagainstadversarialsamples.Optionsinclude,like(1)learningabetter12 ;(2)modifyingunnecessaryfeatures(SeePosterDeepMask-TuesdayMorningW18).

• For(1),thealternativemethodforhardeningtheDNNmodelsisminimizingsomelossfunctions345(7, 7′)sothatwhen:.(;. 7 , ;.(7′)) < =(approximatedby(>, ∥⋅∥)),thisloss345(7, 7′)issmall.Atableofcomparingexistinghardeningsolutionsusingthismethodisshownasfollowing:

ExperimentEvaluation

Define(AB, C)-Strong-robustness:

WhyDNNmodelisnotstrong-robust.

Whyaclassifierisvulnerabletoadversarialsamples.

SufficientConditionforStrong-robustness:

Strong-robustness forD.

ExperimentalEvaluation:

TowardsPrincipledUnderstanding

Robustness Analysis Dr. Neal CIS 480. Outline What is robustness analysis? Key roles in robustness analysis Object types found in discovery Diagramming

Quantitative Spatial Economics - Home | Princeton …erossi/QSE.pdfof theoretical models of economic geography, highlighting the robustness of this framework to perturbations in theoretical

ATP Robustness

Robustness Tests for Quantitative Researchpolsci.org/robustness/robustness.pdf · Quantitative Research Eric Neumayer and Thomas Plümper . The Case for Robustness Tests Empirical

Robustness and evolvability in genetic regulatory networksmax/Spanish/robustjtb.pdfJournal of Theoretical Biology 245 (2007) 433–448 Robustness and evolvability in genetic regulatory

RELATION BETWEEN ROBUSTNESS, EVOLVABILITY AND FITNESS · RELATION BETWEEN ROBUSTNESS, EVOLVABILITY AND FITNESS. RELATION BETWEEN ROBUSTNESS, EVOLVABILITY AND FITNESS SUPPORTED BY

System Robustness - Principles of Complex Systems CSYS ......System Robustness Robustness HOT theory Self-Organized Criticality COLD theory Network robustness References VOLUME84,

Robustness - IIMAS :: UNAMcgg/teach/Pamplona/10-Robustness.pdf · ja i b ij (1) Robustness Carlos Gershenson Contenido Introduction Robustness Robustness in Nature Robustness in Arti

A THEORETICAL FRAMEWORK FOR ROBUSTNESS OF (DEEP

Robustness presentation

Gate robustness:

On the robustness of stable turning processesdombovari/Downloads/2008_IJMMM... · 324 Z. Dombovari, R.E. Wilson and G. Stepan where h 0 is the theoretical chip thickness and τ =

Delay Robustness Mirkin

Software Robustness Tutorial

AT09363: PTC Robustness Design Guide - Microchip Technologyww1.microchip.com/...ptc-robustness-design-guide... · AT09363: PTC Robustness Design Guide APPLICATION NOTE Introduction

Chapter 10 Robustness

FINANCE RESEARCH SEMINAR SUPPORTED BY UNIGESTION · On the one hand, it provides robustness test to the empirical ndings and theoretical models for US stock sample, especially using

Estimating Robustness - balintszoke.com

Robustness Checks and Robustness Tests in Applied Economicsecon.ucsb.edu/~doug/245a/Papers/Robustness Checks.pdf · Robustness Checks and Robustness Tests in Applied Economics Halbert

Robustness - Novembre 2014

Robustness Disproportionate Collapse

Presented by Chen Lei & Gan Yannan Beilun Middle School Activities and Grammar

On the Robustness of Robustness Checks of the

Robustness Analysis - MTALAB

No. 17 Middle Xing Ye Road, Ningbo Free Trade Zone, Beilun ... · No. 17 Middle Xing Ye Road, Ningbo Free Trade Zone, Beilun, Ningbo 315800 Phone: +86 574 8682 1020 Fax:+86 574 8682

Supply Chain Robustness

Decentralized Robustness

The European Unemployment Experience: Theoretical Robustness

Market Closure and Short-Term Reversal · Market Closure and Short-Term Reversal Abstract ... On one hand, it provides robustness test to the empirical ndings and theoretical models

Foley - Robustness

Design for Robustness

Robustness of classifiers_from_adversarial_to_random_noise

Theoretical bounds for algebraic multigrid performance ...lukeo.cs.illinois.edu/files/2014_MaOl_amgtheory.pdf · Algebraic multigrid methods continue to grow in robustness as effective

Computation of τ-estimates for regressionmatias/algorithmsShort_v4.pdf · (Yohai and Zamar 1988) also combine good robustness and high efficiency. Moreover, they have two theoretical

Robustness is dead! Long live robustness!