data analytics using deep learning
play

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY - PowerPoint PPT Presentation

Nov 14, 2022 •614 likes •1.1k views

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 2 0 : A D V E R S A R I A L T R A I N I N G administrivia Reminders Best project prize Quiz cancelled Guest lecture GT 8803 // Fall 2019

  1. DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 2 0 : A D V E R S A R I A L T R A I N I N G

  2. administrivia • Reminders – Best project prize – Quiz cancelled – Guest lecture GT 8803 // Fall 2019 2

  3. CREDITS • Slides based on a lecture by: – Ian Goodfellow @ Google Brain GT 8803 // Fall 2019 3

  4. OVERVIEW • What are adversarial examples? • Why do they happen? • How can they be used to compromise machine learning systems? • What are the defenses? • How to use adversarial examples to improve machine learning (even without adversary)? GT 8803 // Fall 2019 4

  5. ADVERSARIAL EXAMPLES 5 GT 8803 // Fall 2019

  6. Since 2013, deep neural networks have matched human performance at... ...recognizing objects and faces…. (Szegedy et al, 2014) (Taigmen et al, 2013) ...solving CAPTCHAS and reading addresses... (Goodfellow et al, 2013) (Goodfellow et al, 2013) and other tasks... 6 GT 8803 // Fall 2019

  7. Adversarial Examples Timeline: “Adversarial Classification” Dalvi et al 2004: fool spam filter “Evasion Attacks Against Machine Learning at Test Time” Biggio 2013: fool neural nets Szegedy et al 2013: fool ImageNet classifiers imperceptibly Goodfellow et al 2014: cheap, closed form attack 7 GT 8803 // Fall 2019

  8. Turning Objects into “Airplanes” 8 GT 8803 // Fall 2019

  9. Attacking a Linear Model 9 GT 8803 // Fall 2019

  10. Not just for neural nets • Linear models – Logistic regression – Softmax regression – SVMs • Decision trees • Nearest neighbors GT 8803 // Fall 2019 10

  11. Adversarial Examples from Overfitting O O x x O O x x GT 8803 // Fall 2019 11

  12. Adversarial Examples from Overfitting O O O O x x x O x GT 8803 // Fall 2019 12

  13. Modern deep nets are very piecewise linear Rectified linear unit Maxout Carefully tuned sigmoid LSTM GT 8803 // Fall 2019 13

  14. Nearly Linear Responses in Practice GT 8803 // Fall 2019 14

  15. Small inter-class distances Corrupted Clean Perturbation example example Perturbation changes the true class Random perturbation does not change the class Perturbation changes the input to “rubbish class” All three perturbations have L2 norm 3.96 This is actually small. We typically use 7! GT 8803 // Fall 2019 15

  16. The Fast Gradient Sign Method GT 8803 // Fall 2019 16

  17. Maps of Adversarial and Random Cross-Sections (collaboration with David Warde-Farley and Nicolas Papernot) GT 8803 // Fall 2019 17

  18. Maps of Adversarial Cross-Sections GT 8803 // Fall 2019 18

  19. Maps of RANDOM Cross-Sections (collaboration with David Warde-Farley and Nicolas Papernot) GT 8803 // Fall 2019 19

  20. Estimating the Subspace Dimensionality GT 8803 // Fall 2019 20

  21. Clever Hans (“Clever Hans, Clever Algorithms,” Bob Sturm) GT 8803 // Fall 2019 21

  22. Wrong almost everywhere GT 8803 // Fall 2019 22

  23. Adversarial Examples for RL (Huang et al., 2017) GT 8803 // Fall 2019 23

  24. High-Dimensional Linear Models Clean examples Adversarial examples Weights Signs of weights GT 8803 // Fall 2019 24

  25. Linear Models of ImageNet (Andrej Karpathy, “Breaking Linear Classifiers on ImageNet”) GT 8803 // Fall 2019 25

  26. RBFs behave more intuitively GT 8803 // Fall 2019 26

  27. Cross-model, cross-dataset generalization GT 8803 // Fall 2019 27

  28. Cross-technique transferability (Papernot 2016) GT 8803 // Fall 2019 28

  29. Transferability Attack Target model with Substitute model Train your own model unknown weights, mimicking target machine learning model with known, algorithm, training differentiable function set; maybe non-differentiable Deploy adversarial Adversarial crafting examples against the against substitute target; transferability property results in them Adversarial succeeding examples GT 8803 // Fall 2019 29

  30. (Papernot 2016) 30 GT 8803 // Fall 2019

  31. Enhancing Transfer With Ensembles (Liu et al, 2016) GT 8803 // Fall 2019 31

  32. Adversarial Examples in the Human Brain These are concentric circles, not intertwined spirals. (Pinna and Gregory, 2002) GT 8803 // Fall 2019 32

  33. Practical Attacks • Fool real classifiers trained by remotely hosted API (MetaMind, Amazon, Google) • Fool malware detector networks • Display adversarial examples in the physical world and fool machine learning systems that perceive them through a camera GT 8803 // Fall 2019 33

  34. Adversarial Examples in the Physical World GT 8803 // Fall 2019 34

  35. Failed defenses Generative Removing perturbation pretraining with an autoencoder Adding noise at test time Ensembles Confidence-reducing Error correcting perturbation at test time codes Multiple glimpses Weight decay Double backprop Adding noise Various at train time Dropout non-linear units GT 8803 // Fall 2019 35

  36. Generative Modeling is not SufficienT GT 8803 // Fall 2019 36

  37. Universal approximator theorem Neural nets can represent either function: Maximum likelihood doesn’t cause them to learn the right function. But we can fix that... GT 8803 // Fall 2019 37

  38. ADVERSARIAL TRAINING 38 GT 8803 // Fall 2019

  39. Training on Adversarial Examples GT 8803 // Fall 2019 39

  40. Adversarial Training of other Models • Linear models: SVM / linear regression cannot learn a step function, so adversarial training is less useful, very similar to weight decay • k-NN: adversarial training is prone to overfitting. • Takeway: neural nets can actually become more secure than other models. Adversarially trained neural nets have the best empirical success rate on adversarial examples of any machine learning model. GT 8803 // Fall 2019 40

  41. Weaknesses Persist GT 8803 // Fall 2019 41

  42. Adversarial Training Labeled as bird Still has same label (bird) Decrease probability of bird class GT 8803 // Fall 2019 42

  43. Virtual Adversarial Training Unlabeled; model New guess should guesses it’s probably match old guess a bird, maybe a plane (probably bird, maybe plane) Adversarial perturbation intended to change the guess GT 8803 // Fall 2019 43

  44. Text Classification with VAT RCV1 Misclassification Rate 8.00 7.70 7.50 7.40 7.20 7.12 7.00 7.05 6.97 6.68 6.50 6.00 Earlier SOTA Our baseline Virtual Both + Adversarial bidirectional model Zoomed in for legibility GT 8803 // Fall 2019 44

  45. Universal engineering machine (model-based optimization) Make new inventions by finding input that Training data Extrapolation maximizes model’s predicted performance 45 GT 8803 // Fall 2019

  46. cleverhans Open-source library available at: https://github.com/openai/cleverhans Built on top of TensorFlow (Theano support anticipated) Standard implementation of attacks, for adversarial training and reproducible benchmarks 46 GT 8803 // Fall 2019

  47. Conclusion • Attacking is easy • Defending is difficult • Adversarial training provides regularization and semi-supervised learning • The out-of-domain input problem is a bottleneck for model-based optimization generally GT 8803 // Fall 2019 47

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DATA ANALYTICS USING DEEP LEARNING GT 8803 FALL 2018 POOJA BHANDARY T O W A R D S A U N I F

DATA ANALYTICS USING DEEP LEARNING GT 8803 FALL 2018 POOJA BHANDARY T O W A R D S A U N I F

DATA ANALYTICS USING DEEP LEARNING GT 8803 FALL 2018 POOJA BHANDARY T O W A R D S A U N I F I E D A R C H I T E C T U R E F O R I N - R D B M S A N A L Y T I C S TODAYs PAPER SIGMOD 2012 In-RDBMS Analytics Hazy project at

317 views • 31 slides
DATA ANALYTICS USING DEEP LEARNING A U T O M A T I C D A T A B A S E M A N A G E M E N T S Y S

DATA ANALYTICS USING DEEP LEARNING A U T O M A T I C D A T A B A S E M A N A G E M E N T S Y S

DATA ANALYTICS USING DEEP LEARNING A U T O M A T I C D A T A B A S E M A N A G E M E N T S Y S T E M T U N I N G T H R O U G H L A R G E - S C A L E M A C H I N E L E A R N I N G S I D D H A R T H B I S W A L TODAYs PAPER

496 views • 32 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 8 : Q

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 8 : Q

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 8 : Q U E R Y E X E C U T I O N administrivia Reminders Sign up for discussion slots on Thursday Proposal presentations on next Wednesday

1.32k views • 112 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 9 : Q

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 9 : Q

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 9 : Q U E R Y O P T I M I Z A T I O N administrivia Reminders Assignment 1: postponed to next Monday Sign up for discussion slots on Thursday

1.68k views • 150 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 6 : D

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 6 : D

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 6 : D I S K - C E N T R I C A N D I N - M E M O R Y D A T A B A S E S Y S T E M S administrivia Project ideas List shared on Piazza Start

1.22k views • 80 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 1 2 : T

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 1 2 : T

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 1 2 : T R A I N I N G N E U R A L N E T W O R K S ( P T 1 ) administrivia Reminders Integration with Eva Code reviews Each team must send

934 views • 70 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 7 : S

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 7 : S

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 7 : S T O R A G E M O D E L S & C O M P R E S S I O N administrivia Reminder Assignment 1 due on next Wednesday Sign up for discussion

1.09k views • 63 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 1 : C

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 1 : C

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ L E C T U R E # 0 1 : C O U R S E I N T R O D U C T I O N WELCOME TO 8803-DDL This is a cross-cutting course! Gain holistic understanding of three areas Data

1k views • 67 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // SIDDHARTH BISWAL L E C T U R E # 0 3 : B L A Z E

DATA ANALYTICS USING DEEP LEARNING GT 8803 // SIDDHARTH BISWAL L E C T U R E # 0 3 : B L A Z E

DATA ANALYTICS USING DEEP LEARNING GT 8803 // SIDDHARTH BISWAL L E C T U R E # 0 3 : B L A Z E I T : F A S T E X P L O R A T O R Y V I D E O Q U E R I E S U S I N G N E U R A L N E T W O R K S TODAYs PAPER BlazeIt: Fast

280 views • 23 slides
Effectiveness of Deep Learning Vs. Machine Learning in a Health Care Use Case RxToDx A Data

Effectiveness of Deep Learning Vs. Machine Learning in a Health Care Use Case RxToDx A Data

Effectiveness of Deep Learning Vs. Machine Learning in a Health Care Use Case RxToDx A Data Science Machine Learning/Deep Learning Show Case Dima Rekesh/Julie Zhu/Ravi Rajagopalan Optum Technology November, 2017 Analytics Machine

483 views • 32 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ S P E A K I N G T I P S

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ S P E A K I N G T I P S

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ S P E A K I N G T I P S CREDITS Based on a talk given by: Margaret Martonosi (Princeton) Computer architect GT 8803 // Fall 2019 2 MOTIVATION

871 views • 75 slides
UNIFIED MEMORY FOR DATA ANALYTICS AND DEEP LEARNING Nikolay Sakharnykh, Chirayu Garg, and Dmitri

UNIFIED MEMORY FOR DATA ANALYTICS AND DEEP LEARNING Nikolay Sakharnykh, Chirayu Garg, and Dmitri

UNIFIED MEMORY FOR DATA ANALYTICS AND DEEP LEARNING Nikolay Sakharnykh, Chirayu Garg, and Dmitri Vainbrand, Thu Mar 19, 3:00 PM RAPIDS CUDA-accelerated Data Science Libraries PYTHON DL RAPIDS FRAMEWORKS DASK / SPARK cuGraph cuDF cuML

720 views • 46 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JACOB LOGAS L E C T U R E # 1 0 : L

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JACOB LOGAS L E C T U R E # 1 0 : L

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JACOB LOGAS L E C T U R E # 1 0 : L O C A L I T Y - S E N S I T I V E H A S H I N G F O R E A R T H Q U A K E D E T E C T I O N TODAYS PAPER Locality-Sensitive Hashing for

458 views • 41 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JENNIFER MA L E C T U R E # 1 3 : F

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JENNIFER MA L E C T U R E # 1 3 : F

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JENNIFER MA L E C T U R E # 1 3 : F O C U S : Q U E R Y I N G L A R G E V I D E O D A T A S E T S W I T H L O W L A T E N C Y A N D L O W C O S T TODAYS PAPER Focus:

1.06k views • 56 slides
DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JENNIFER MA L E C T U R E # 1 4 : L I

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JENNIFER MA L E C T U R E # 1 4 : L I

DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2018 // JENNIFER MA L E C T U R E # 1 4 : L I V E V I D E O A N A L Y T I C S A T S C A L E W I T H A P P R O X I M A T I O N A N D D E L A Y - T O L E R A N C E TODAYS PAPER Live

709 views • 56 slides
AI and Predictive Analytics in Data-Center Environments Neural Networks and Deep Learning Josep

AI and Predictive Analytics in Data-Center Environments Neural Networks and Deep Learning Josep

AI and Predictive Analytics in Data-Center Environments Neural Networks and Deep Learning Josep Ll. Berral @BSC Intel Academic Education Mindshare Initiative for AI Introduction Neural networks attempt to imitate the brain neuron

339 views • 21 slides
Uns Unsup uper ervis vised ed PC PCFG FG Ind nduc ucti tion on for r Grounde ounded d

Uns Unsup uper ervis vised ed PC PCFG FG Ind nduc ucti tion on for r Grounde ounded d

Uns Unsup uper ervis vised ed PC PCFG FG Ind nduc ucti tion on for r Grounde ounded d Langu guage ge Lea earnin ing w g wit ith Hig ighly y Ambig biguou uous s Supe pervisi ision on - Kim and Mooney 12 Presented

269 views • 14 slides
the-pi-project.com Kathleen Jalalpour and Corrinne Lieu BLOG : Follow a year in 5 th grade, week

the-pi-project.com Kathleen Jalalpour and Corrinne Lieu BLOG : Follow a year in 5 th grade, week

10/9/19 the-pi-project.com Kathleen Jalalpour and Corrinne Lieu BLOG : Follow a year in 5 th grade, week by week. https://singapore-math-blog.com/ or Google : Off the Beaten Math, the Pi Project Keys Middle School, Palo Alto, CA ( 5 th

508 views • 30 slides
Data-intensive Programming Lecture #3 Timo Aaltonen Department of Pervasive Computing Guest

Data-intensive Programming Lecture #3 Timo Aaltonen Department of Pervasive Computing Guest

Data-intensive Programming Lecture #3 Timo Aaltonen Department of Pervasive Computing Guest Lectures Ill try to organize two guest lectures Oct 14, Tapio Rautonen, Gofore LTd, Making sense out of your big data Oct 7, ??? Outline

724 views • 46 slides
21cm Intensity Mapping with MeerKAT and SKA (autocorrelations) Prina Patel with Mario Santos

21cm Intensity Mapping with MeerKAT and SKA (autocorrelations) Prina Patel with Mario Santos

21cm Intensity Mapping with MeerKAT and SKA (autocorrelations) Prina Patel with Mario Santos Cosmology with Next Generation Radio Surveys, 21st June 2016 HI Intensity Mapping? Galaxies Intensity Map Look at the total intensity of a given

500 views • 30 slides
Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google Brain CS 231n, Stanford University, 2017-05-30 Overview What are adversarial examples? Why do they happen? How can they be used to

866 views • 43 slides
Generalized Petri Nets Jade Master jmast003@ucr.edu May 22, 2019 University of California

Generalized Petri Nets Jade Master jmast003@ucr.edu May 22, 2019 University of California

Generalized Petri Nets Jade Master jmast003@ucr.edu May 22, 2019 University of California Riverside 1 Q -Nets There is a lot of work which has been done on Petri nets. For comparison, if we search for the phrase Monoidal Categories

691 views • 30 slides
Overview What is Adversarial Attack? Why should we care? How does it work? Real

Overview What is Adversarial Attack? Why should we care? How does it work? Real

Adversarial Attacks on Phishing Detection Ryan Chang Overview What is Adversarial Attack? Why should we care? How does it work? Real World Demo on Phishing Detection Model How to defend? Adversarial Examples on

610 views • 26 slides
Adversarial Examples and Adversarial Training Ian Goodfellow, OpenAI Research Scientist

Adversarial Examples and Adversarial Training Ian Goodfellow, OpenAI Research Scientist

Adversarial Examples and Adversarial Training Ian Goodfellow, OpenAI Research Scientist Presentation at San Francisco AI Meetup, 2016-08-18 In this presentation Intriguing Properties of Neural Networks Szegedy et al, 2013

690 views • 32 slides

More recommend