improving adversarial robustness via promoting ensemble
play

Improving Adversarial Robustness via Promoting Ensemble - PowerPoint PPT Presentation

Oct 27, 2023 •710 likes •864 views

Improving Adversarial Robustness via Promoting Ensemble Diversity Tianyu Pang, Kun Xu, Chao Du, Ning Chen and Jun Zhu Department of Computer Science and Technology Tsinghua University TSAIL ICML | 2019 Adversarial

  1. Improving ¡Adversarial ¡Robustness ¡via ¡Promoting ¡ Ensemble ¡Diversity Tianyu Pang, Kun Xu, Chao Du, Ning Chen and Jun Zhu Department of Computer Science and Technology Tsinghua University TSAIL ICML | ¡2019

  2. Adversarial ¡Examples ¡ From Dong ¡et ¡al. ¡(CVPR ¡2018)

  3. Previous ¡Defense ¡Strategies Single ¡model defense: ¡ e.g., ¡adversarial ¡training Enhanced ¡Model Base ¡Model

  4. Previous ¡Defense ¡Strategies Ensemble ¡model defense: ¡ Member ¡1 Member ¡2 Member ¡3

  5. Previous ¡Defense ¡Strategies Clean ¡input Ensemble ¡model defense: ¡ Bus Bus Bus Member ¡1 Member ¡2 Member ¡3

  6. Previous ¡Defense ¡Strategies Adversarial ¡input Ensemble ¡model defense: ¡ Cat Cat Cat Member ¡1 Member ¡2 Member ¡3

  7. Our ¡Strategy Training ¡ensembles ¡with ¡diversity: ¡ Member ¡1 Member ¡2 Member ¡3

  8. Our ¡Strategy Adversarial ¡input Training ¡ensembles ¡with ¡diversity: ¡ Cat Bus Bus Member ¡1 Member ¡2 Member ¡3

  9. non-­‑maximal ¡predictions • Promoting ¡diversity ¡on ¡ Prediction 3 ( ! $ ) truck Prediction 3 ( ! $ ) truck ship ship horse horse frog frog dog dog deer deer cat cat bird Adaptive ¡Diversity ¡Promoting bird plane plane car car Prediction 2 ( ! # ) truck Prediction 2 ( ! # ) ship truck horse ship frog horse dog frog deer dog cat deer bird cat plane bird car plane car Prediction 1 ( ! " ) truck Prediction 1 ( ! " ) Baseline(( ship truck horse ship frog horse ADP dog frog deer dog cat deer bird cat plane bird car plane car & \( $ % & \( # % & \( $ % & \( # % & \( " % & \( " %

  10. Adaptive ¡Diversity ¡Promoting • Promoting ¡diversity ¡on ¡ non-­‑maximal ¡predictions & \( " % & \( # % car plane bird cat deer dog frog horse ship truck car plane bird cat deer dog frog horse ship truck car plane bird cat deer dog frog horse ship truck Prediction 1 ( ! " ) Prediction 2 ( ! # ) Prediction 3 ( ! $ ) & \( $ % Baseline(( correspond ¡to ¡all ¡potentially ¡ & \( " % & \( # % wrong ¡labels ¡returned ¡for ¡ car plane bird cat deer dog frog horse ship truck car plane bird cat deer dog frog horse ship truck car plane bird cat deer dog frog horse ship truck Prediction 2 ( ! # ) the ¡adversarial ¡examples Prediction 1 ( ! " ) Prediction 3 ( ! $ ) & \( $ % ADP

  11. Experiments Adversarial ¡transferability ¡among ¡individual ¡members ¡of ¡ensembles

  12. Experiments Classification ¡accuracy ¡(%) ¡on ¡adversarial ¡examples

  13. Experiments Classification ¡accuracy ¡(%) ¡on ¡adversarial ¡examples

  14. For ¡more ¡technical ¡details ¡and ¡results, ¡please ¡come ¡ Poster: ¡ #64 Code: https://github.com/P2333 TSAIL ICML | ¡2019

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Toward Adversarial Robustness by Diversity in an Ensemble of Specialized Deep Neural Networks

Toward Adversarial Robustness by Diversity in an Ensemble of Specialized Deep Neural Networks

Toward Adversarial Robustness by Diversity in an Ensemble of Specialized Deep Neural Networks presented at Canadian AI 2020 Mahdieh Abbasi 1 , Arezoo Rajabi 2 , Christian Gagn 1,3 , and Rakesh B. Bobba 2 1. IID, Universit Laval, Qubec,

728 views • 20 slides
Adversarial Training for Deep Learning : A Framework for Improving Robustness, Generalization and

Adversarial Training for Deep Learning : A Framework for Improving Robustness, Generalization and

Adversarial Training for Deep Learning : A Framework for Improving Robustness, Generalization and Interpretability Zhanxing Zhu School of Mathematical Sciences, Peking University zhanxing.zhu@pku.edu.cn

1.02k views • 66 slides
Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu

Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu

Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu xiwu@cs.wisc.edu Joint work with Uyeong Jang, Jiefeng Chen, Lingjiao Chen, and Somesh Jha July 19, 2018 Xi Wu Model Confidence and Adversarial

740 views • 9 slides
Adversarial Training and Robustness for Multiple Perturbations Poster #87 Florian Tramr &

Adversarial Training and Robustness for Multiple Perturbations Poster #87 Florian Tramr &

Adversarial Training and Robustness for Multiple Perturbations Poster #87 Florian Tramr & Dan Boneh NeurIPS 2019 Adversarial examples 88% Tabby Cat 99% Guacamole Szegedy et al., 2014 Goodfellow et al., 2015 Athalye, 2017 Adversarial

564 views • 23 slides
Adversarial Domain Adaptation and Adversarial Robustness Judy Hoffman + = Big Deep success

Adversarial Domain Adaptation and Adversarial Robustness Judy Hoffman + = Big Deep success

Adversarial Domain Adaptation and Adversarial Robustness Judy Hoffman + = Big Deep success data learning Benchmark Performance 100 95 Accuracy 90 85 Millions of Images 80 Deep models 75 Challenge to recognize 1000

1.2k views • 60 slides
Adversarial Approaches to Bayesian Learning and Bayesian Approaches to Adversarial Robustness

Adversarial Approaches to Bayesian Learning and Bayesian Approaches to Adversarial Robustness

Adversarial Approaches to Bayesian Learning and Bayesian Approaches to Adversarial Robustness Ian Goodfellow, OpenAI Research Scientist NIPS 2016 Workshop on Bayesian Deep Learning Barcelona, 2016-12-10 Speculation on Three Topics Can we

769 views • 21 slides
Limits on Robustness to Adversarial Examples Elvis Dohmatob Criteo AI Lab October 2, 2019 Elvis

Limits on Robustness to Adversarial Examples Elvis Dohmatob Criteo AI Lab October 2, 2019 Elvis

Preliminaries on adversarial robustness Classifier-dependent lower bounds Universal lower bounds Limits on Robustness to Adversarial Examples Elvis Dohmatob Criteo AI Lab October 2, 2019 Elvis Dohmatob Limits on Robustness to Adversarial

763 views • 74 slides
Adversarial Robustness for Code Pavol Bielik , Martin Vechev pavol.bielik@inf.ethz.ch,

Adversarial Robustness for Code Pavol Bielik , Martin Vechev pavol.bielik@inf.ethz.ch,

ICML 2020 Adversarial Robustness for Code Pavol Bielik , Martin Vechev pavol.bielik@inf.ethz.ch, martin.vechev@inf.ethz.ch Department of Computer Science 1 Adversarial Robustness panda gibbon Vision + = Explaining and Harnessing

429 views • 32 slides
Certified Adversarial Robustness via Randomized Smoothing Jeremy Cohen Elan Rosenfeld

Certified Adversarial Robustness via Randomized Smoothing Jeremy Cohen Elan Rosenfeld

Certified Adversarial Robustness via Randomized Smoothing Jeremy Cohen Elan Rosenfeld Zico Kolter Carnegie Mellon University Introduction We study a certified adversarial defense in " norm which scales to ImageNet

1.5k views • 12 slides
On the Connection Between Adversarial Robustness and Saliency Map Interpretability Christian

On the Connection Between Adversarial Robustness and Saliency Map Interpretability Christian

On the Connection Between Adversarial Robustness and Saliency Map Interpretability Christian Etmann , 1 , 3 , Sebastian Lunz , 2 , Peter Maass 1 , Carola-Bibiane Sch onlieb 2 13th June, 2019 1: ZeTeM, University of Bremen, 2: Cambridge

673 views • 19 slides
Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann

Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann

Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann Department of Informatics Technical University of Munich 28.10.2019 Adversarial Robustness of Machine Learning Models for Graphs S. Gnnemann Can you

669 views • 27 slides
ON THE ADVERSARIAL ROBUSTNESS OF UNCERTAINTY AWARE DEEP NEURAL NETWORKS APRIL 29 TH , 2019

ON THE ADVERSARIAL ROBUSTNESS OF UNCERTAINTY AWARE DEEP NEURAL NETWORKS APRIL 29 TH , 2019

ON THE ADVERSARIAL ROBUSTNESS OF UNCERTAINTY AWARE DEEP NEURAL NETWORKS APRIL 29 TH , 2019 PREPARED BY: ALI HARAKEH QUESTION Can a neural network mitigate the effects of adversarial attacks by estimating the uncertainty in its predictions ?

1.14k views • 26 slides
Adversarial Robustness: Theory and Practice Zico Kolter Aleksander Mdry madry-lab.ml

Adversarial Robustness: Theory and Practice Zico Kolter Aleksander Mdry madry-lab.ml

Adversarial Robustness: Theory and Practice Zico Kolter Aleksander Mdry madry-lab.ml Tutorial website: @zicokolter @aleks_madry adversarial-ml-tutorial.org Machine Learning: The Success Story Image classification Reinforcement Learning

528 views • 49 slides
Adversarial Robustness for Aligned AI Ian Goodfellow, Sta ff Research NIPS 2017 Workshop on

Adversarial Robustness for Aligned AI Ian Goodfellow, Sta ff Research NIPS 2017 Workshop on

Adversarial Robustness for Aligned AI Ian Goodfellow, Sta ff Research NIPS 2017 Workshop on Aligned Artificial Intelligence Many thanks to Catherine Olsson for feedback on drafts The Alignment Problem (This is now fixed. Dont try it!)

626 views • 30 slides
Certified Robustness to Adversarial Examples with Di ff erential Privacy Mathias Lcuyer,

Certified Robustness to Adversarial Examples with Di ff erential Privacy Mathias Lcuyer,

Certified Robustness to Adversarial Examples with Di ff erential Privacy Mathias Lcuyer, Vaggelis Atlidakis, Roxana Geambasu, Daniel Hsu, Suman Jana Columbia University Code: https://github.com/columbia/pixeldp Contact:

680 views • 48 slides
Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017

Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017

Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017 Florian Tramr Stanford Joint work with Alexey Kurakin (Google Brain) Nicolas Papernot (PSU) Dan Boneh (Stanford) Patrick McDaniel (PSU)

723 views • 24 slides
Multipanel plotting in R with base graphics Sean Anderson Nov 2011 scanders@sfu.ca Compared

Multipanel plotting in R with base graphics Sean Anderson Nov 2011 scanders@sfu.ca Compared

Multipanel plotting in R with base graphics Sean Anderson Nov 2011 scanders@sfu.ca Compared to what? - Tufte by hand ggplot2 lattice par(mfrow) layout() split.screen() par(mfrow) par(mfrow) John et al. 1988, Science, 239, p162 and

377 views • 22 slides
Co-Pay Accumulator Adjustors Strike Back: What You Need to Know for Your Care Presented by:

Co-Pay Accumulator Adjustors Strike Back: What You Need to Know for Your Care Presented by:

HCCs 2019 Webinar series is sponsored Hemophilia Council of California by: Health Access, Advocacy , and Policy Webinar Co-Pay Accumulator Adjustors Strike Back: What You Need to Know for Your Care Presented by: Kollet Koulianos

417 views • 23 slides
Spirit to Spirit Webinar Lisa Beedie-AisanceKwe Chuckle of the Day 2 Reclaiming Health as an

Spirit to Spirit Webinar Lisa Beedie-AisanceKwe Chuckle of the Day 2 Reclaiming Health as an

Spirit to Spirit Webinar Lisa Beedie-AisanceKwe Chuckle of the Day 2 Reclaiming Health as an Act of Self- Determination 3 Purpose of the Presentation/Learning Objectives What are the issues around tobacco What are successes and

523 views • 16 slides
Language Access in CA Elections, Past & Future FOCE Conference 2017 Need for Language

Language Access in CA Elections, Past & Future FOCE Conference 2017 Need for Language

Meeting the Needs of a Diversifying Electorate: Language Access in CA Elections, Past & Future FOCE Conference 2017 Need for Language Assistance During Elections Language is a significant barrier to the ability of many to vote CA Latinos

457 views • 35 slides
Determinants Every n n matrix A has an associated scalar value called the determinant of A ,

Determinants Every n n matrix A has an associated scalar value called the determinant of A ,

2.1-2.3 Determinants P. Danziger Determinants Every n n matrix A has an associated scalar value called the determinant of A , denoted by det( A ) or | A | . The determinant gives the (hyper)volume of the unit (hyper)cube after it has been

491 views • 18 slides
mo z i l l a I n t r o d u c t i o n D a a l a i s a R o y a l t

mo z i l l a I n t r o d u c t i o n D a a l a i s a R o y a l t

D a a l a : A P e r c e p t u a l l y - D r i v e n S t i l l P i c t u r e C o d e c J e a n - M a r c V a l i n , N a t h a n E . E g g e , T h o ma s J . D a e d e

462 views • 18 slides
Five Lectures on CA 4. Sorting Thomas Worsch Department of Informatics Karlsruhe Institute of

Five Lectures on CA 4. Sorting Thomas Worsch Department of Informatics Karlsruhe Institute of

Five Lectures on CA 4. Sorting Thomas Worsch Department of Informatics Karlsruhe Institute of Technology http://liinwww.ira.uka.de/~thw/vl-hiroshima/ at Hiroshima University, January 2012 Outline Sorting in one-dimensional CA Odd-even

1.05k views • 86 slides
CSE543 - Introduction to Computer and Network Security Module: Public Key Infrastructure

CSE543 - Introduction to Computer and Network Security Module: Public Key Infrastructure

887 views • 20 slides

More recommend