thermometer encoding one hot way to resist adversarial
play

Thermometer Encoding: One Hot Way to Resist Adversarial Examples - PowerPoint PPT Presentation

Jan 10, 2023 •439 likes •607 views

Thermometer Encoding: One Hot Way to Resist Adversarial Examples Stanford, 2017-11-16 Aurko Roy* Colin Ra ff el Jacob Ian Buckman* Goodfellow *joint first author Adversarial Examples Adversarial Definitely Probably panda perturbation

  1. Thermometer Encoding: One Hot Way to Resist Adversarial Examples Stanford, 2017-11-16 Aurko Roy* Colin Ra ff el Jacob Ian Buckman* Goodfellow *joint first author

  2. Adversarial Examples Adversarial Definitely Probably panda perturbation gibbon Image from “Explaining and Harnessing Adversarial Examples”, Goodfellow et al, 2014 (Goodfellow 2017)

  3. Unreasonable Linear Extrapolation Argument to softmax Plot from “Explaining and Harnessing Adversarial Examples”, Goodfellow et al, 2014 (Goodfellow 2017)

  4. Di ffi cult to train extremely nonlinear hidden layers To train: changing this weight needs to have a large, predictable e ff ect To defend: changing this input needs to have a small or unpredictable e ff ect (Goodfellow 2017)

  5. Idea: edit only the input layer Train only this part DEFENSE (Goodfellow 2017)

  6. (Goodfellow 2017)

  7. Observation: PixelRNN shows one-hot codes work Plot from “Pixel Recurrent Neural Networks”, van den Oord et al, 2016 (Goodfellow 2017)

  8. (Goodfellow 2017)

  9. Fast Improvement Early in Learning (Goodfellow 2017)

  10. Large improvements on SVHN white box attacks 5 years ago, this would have been SOTA on clean data (Goodfellow 2017)

  11. Large Improvements against CIFAR-10 white box attacks 6 years ago, this would have been SOTA on clean data (Goodfellow 2017)

  12. Other results • Improvement on CIFAR-100 • (Still very broken) • Improvement on MNIST • Please quit caring about MNIST (Goodfellow 2017)

  13. Caveats • Slight drop in accuracy on clean examples • Only small improvement on black-box adversarial examples (Goodfellow 2017)

  14. Get involved! https://github.com/tensorflow/cleverhans (Goodfellow 2017)

  15. g.co/airesidency (Goodfellow 2017)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ReSIST NoE ReSIST Resilience for Survivability in IST Resilient Computing: a multi-disciplinary

ReSIST NoE ReSIST Resilience for Survivability in IST Resilient Computing: a multi-disciplinary

ReSIST NoE ReSIST Resilience for Survivability in IST Resilient Computing: a multi-disciplinary MSc Curriculum Luca Simoncini Professor of Computer Engineering Faculty of Engineering, University of Pisa, Italy 2009/10/8-9 Paris, France

215 views • 17 slides
Eu Resist : An integrated system for management of antiretroviral drug resistance Francesca

Eu Resist : An integrated system for management of antiretroviral drug resistance Francesca

IST-2004-027173 Eu Resist : An integrated system for management of antiretroviral drug resistance Francesca Incardona (Informa s.r.l.) Eu Resist : to support clinicians treating HI V patients The Eu Resist project aims at developing an

514 views • 24 slides
Non-Contact Thermometer A perfect healthcare and wellness measuring device for you. Product Name

Non-Contact Thermometer A perfect healthcare and wellness measuring device for you. Product Name

Non-Contact Thermometer A perfect healthcare and wellness measuring device for you. Product Name : Infrared Thermometer Model # : SIT Series : SGWH05 0.5s RAPID MEASUREMENT NO WAITING 2-in-1 CONTACTLESS Colour Temperature Indication

348 views • 9 slides
ReSIST ReSIST Resilience for Survivability in IST A European Network of Excellence Second Open

ReSIST ReSIST Resilience for Survivability in IST A European Network of Excellence Second Open

ReSIST ReSIST Resilience for Survivability in IST A European Network of Excellence Second Open Workshop 1 ReSIST ReSIST Resilience for Survivability in IST A European Network of Excellence Rationale Resilience: definition and

565 views • 8 slides
iHealth PT3 Non Contact Forehead Thermometer with distance sensor iHealth PT3 is a IR Forehead

iHealth PT3 Non Contact Forehead Thermometer with distance sensor iHealth PT3 is a IR Forehead

iHealth PT3 Non Contact Forehead Thermometer with distance sensor iHealth PT3 is a IR Forehead Thermometer, fast, simple and non-contact. 1 second to get the reading High accuracy sensor from Heimann Pass CE and FDA certification Distance

411 views • 8 slides
Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs

Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs

Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs William Wang 10:30 11:00 Break - 11:00 12:15 Adversarial Examples Sameer Singh 12:15 12:30 Conclusions and Question Answering William

1.75k views • 105 slides
Advanced Machine Learning CS 7140 - Spring 2019 Lecture 20: Generative Adversarial Networks

Advanced Machine Learning CS 7140 - Spring 2019 Lecture 20: Generative Adversarial Networks

Advanced Machine Learning CS 7140 - Spring 2019 Lecture 20: Generative Adversarial Networks Jan-Willem van de Meent Slide credits: Ian Goodfellow Variational Autoencoders Input Hidden Mean Encoding Hidden Reconstructed Images

1.11k views • 38 slides
Advanced Machine Learning CS 7140 - Spring 2018 Lecture 20: Generative Adversarial Networks

Advanced Machine Learning CS 7140 - Spring 2018 Lecture 20: Generative Adversarial Networks

Advanced Machine Learning CS 7140 - Spring 2018 Lecture 20: Generative Adversarial Networks Jan-Willem van de Meent Slide credits: Ian Goodfellow Variational Autoencoders Input Hidden Mean Encoding Hidden Reconstructed Images

698 views • 33 slides
MEDICAL INDICATORS, INC. NEW JERSEY , USA The NexTemp Single-Use Clinical Thermometer A Few

MEDICAL INDICATORS, INC. NEW JERSEY , USA The NexTemp Single-Use Clinical Thermometer A Few

MEDICAL INDICATORS, INC. NEW JERSEY , USA The NexTemp Single-Use Clinical Thermometer A Few Simple Instructions Handling How to use with the patient Reading & recording temperatures General Info Safety Accuracy

501 views • 15 slides
Al-Al contact resistance: First results with the two-heater one- thermometer method Ram Dhuley,

Al-Al contact resistance: First results with the two-heater one- thermometer method Ram Dhuley,

Al-Al contact resistance: First results with the two-heater one- thermometer method Ram Dhuley, Michael Geelhoed Cryocooled-SRF group meeting 7 June 2017 Schematic of the test setup PT Reg. 60 K stage (OFHC) ETP copper 22 AWG 4 K heater

107 views • 9 slides
Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google Brain CS 231n, Stanford University, 2017-05-30 Overview What are adversarial examples? Why do they happen? How can they be used to

866 views • 43 slides
Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu

Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu

Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu xiwu@cs.wisc.edu Joint work with Uyeong Jang, Jiefeng Chen, Lingjiao Chen, and Somesh Jha July 19, 2018 Xi Wu Model Confidence and Adversarial

740 views • 9 slides
MEDICAL INDICATORS, INC. MADE IN THE USA The NexTemp Single-Use Clinical Thermometer A Few Simple

MEDICAL INDICATORS, INC. MADE IN THE USA The NexTemp Single-Use Clinical Thermometer A Few Simple

MEDICAL INDICATORS, INC. MADE IN THE USA The NexTemp Single-Use Clinical Thermometer A Few Simple Instructions Handling How to use with the patient Reading & recording temperatures General Info Safety Accuracy

280 views • 15 slides
? AdVersarial: Defeating Perceptual Ad Blocking with Adversarial Examples Florian Tramr

? AdVersarial: Defeating Perceptual Ad Blocking with Adversarial Examples Florian Tramr

Todays Story: How I got my first Death Threat ? AdVersarial: Defeating Perceptual Ad Blocking with Adversarial Examples Florian Tramr October 8 th 2019 Joint work with Pascal Dupr, Gili Rusak, Giancarlo Pellegrino and Dan Boneh The

415 views • 29 slides
SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY Christian Kaestner with slides from Eunsuk Kang Required reading: Hulten, Geoff. "Building Intelligent Systems: A Guide to Machine Learning

1.95k views • 113 slides
Reb ebuil ild By Des esig ign HUDSON RIV RIVER PROJE JECT: RE RESIST, DEL ELAY, STORE,

Reb ebuil ild By Des esig ign HUDSON RIV RIVER PROJE JECT: RE RESIST, DEL ELAY, STORE,

June 18, 2015 Reb ebuil ild By Des esig ign HUDSON RIV RIVER PROJE JECT: RE RESIST, DEL ELAY, STORE, DIS ISCHARGE Rebuild by Design Hudson River Project: Resist, Delay, Store, Discharge Public Meeting Agenda June 23, 2015 6:30 p.m.

1.01k views • 19 slides
AT&T Research at TRECVID 2013: Surveillance Event Detection Xiaodong Yang * , Zhu Liu ,

AT&T Research at TRECVID 2013: Surveillance Event Detection Xiaodong Yang * , Zhu Liu ,

AT&T Research at TRECVID 2013: Surveillance Event Detection Xiaodong Yang * , Zhu Liu , Eric Zavesky , David Gibbon , Behzad Shahraray City College of New York, CUNY AT&T Labs - Research *This work is carried out

637 views • 41 slides
A Closer Look at Adversarial Examples for Separated Data Kamalika Chaudhuri University of

A Closer Look at Adversarial Examples for Separated Data Kamalika Chaudhuri University of

A Closer Look at Adversarial Examples for Separated Data Kamalika Chaudhuri University of California, San Diego Adversarial Examples Gibbon Panda Small perturbation to legitimate inputs causing misclassification Adversarial Examples Can

1.41k views • 42 slides
Nonce-based Encryption Formalized by Rogaway Primary Condition Uniqueness of the nonce

Nonce-based Encryption Formalized by Rogaway Primary Condition Uniqueness of the nonce

Dhiman Saha 1 , Sukhendu Kuila 2 , Dipanwita Roy Chowdhury 1 1 Dept. Of Computer Science & Engineering, IIT Kharagpur, INDIA 2 Dept. Of Mathematics, Vidyasagar University, INDIA DIAC 2014, Santa Barbara, USA Nonce-based Encryption

298 views • 19 slides
Questioning Question Answering Answers Sameer Singh University of California, Irvine Questioning

Questioning Question Answering Answers Sameer Singh University of California, Irvine Questioning

Questioning Question Answering Answers Sameer Singh University of California, Irvine Questioning Question Answering Answers Sameer Singh University of California, Irvine QA Systems are really good! Is there a moustache in the picture? >

1.1k views • 50 slides
Limit distributions of tree parameters Stephan Wagner Stellenbosch University FPSAC, 4 July 2019

Limit distributions of tree parameters Stephan Wagner Stellenbosch University FPSAC, 4 July 2019

Limit distributions of tree parameters Stephan Wagner Stellenbosch University FPSAC, 4 July 2019 Why study trees? They are simple. They have many nice properties. They are useful. Distribution of tree parameters S. Wagner, Stellenbosch

640 views • 42 slides
ive Init nitiat iativ Henry Neeman, University of Oklahoma Assistant Vice President,

ive Init nitiat iativ Henry Neeman, University of Oklahoma Assistant Vice President,

The he OneOklahoma OneOklahoma Cyber berinf infras astruct uctur ure ive Init nitiat iativ Henry Neeman, University of Oklahoma Assistant Vice President, Information Technology Research Strategy Advisor Director, OU Supercomputing

449 views • 26 slides
DOLPHINS, GIBBONS, AND GIANT SALAMANDERS: Is it possible to save Chinas threatened

DOLPHINS, GIBBONS, AND GIANT SALAMANDERS: Is it possible to save Chinas threatened

DOLPHINS, GIBBONS, AND GIANT SALAMANDERS: Is it possible to save Chinas threatened biodiversity? Samuel T. Turvey, Zoological Society of London SO LONG, AND THANKS FOR ALL THE FISHING: THE SORRY STORY OF THE YANGTZE RIVER DOLPHIN Samuel T.

471 views • 44 slides
March 18 19, 2019 Sponsors and Organizers Summit Objectives Facilitate information

March 18 19, 2019 Sponsors and Organizers Summit Objectives Facilitate information

March 18 19, 2019 Sponsors and Organizers Summit Objectives Facilitate information exchange Build connections and community Explore specific challenges Launch ongoing collaboration Accelerate GB development globally

1.24k views • 54 slides

More recommend