SlideShare a Scribd company logo

Towards Deep Learning Models Resistant to Adversarial Attacks.

S
SEMINARGROOT

This document discusses approaches to training deep neural networks to be robust against adversarial examples. It frames adversarial robustness as a minimax game between the network and an attacker. It presents projected gradient descent (PGD) and the Fast Gradient Sign Method (FGSM) as ways to solve the inner maximization problem during training. Experiments show that adversarially trained models can achieve increased robustness compared to standard networks.

Data & Analytics
1 of 18
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Towards Deep Learning Models Resistant to Adversarial Attacks.
1. Introduction Introduction
Introduction In particular, resistance to adversarially chosen inputs is becoming a crucial design goal
Introduction
Introduction How can we train deep neural networks that are robust to adversarial inputs?
2. An Optimization View on Adversarial Robustness An Optimization View on Adversarial Robustness
An Optimization View on Adversarial Robustness Adversarial attack problem Inner maximization problem Outer minimization problem Min max game Saddle point problem
An Optimization View on Adversarial Robustness PGD (projected gradient descent ) FGSM (Fast Gradient Sign Method) Inner maximization problem
3. Towards Universally Robust Networks Towards Universally Robust Networks
Towards Universally Robust Networks
Towards Universally Robust Networks Blue : loss on a standard network Red : adversarially trained model
4. Network Capacity and Adversarial Robustness Network Capacity and Adversarial Robustness
Network Capacity and Adversarial Robustness
Experiments
5. Experiments Experiments
Experiments
Towards Deep Learning Models Resistant to Adversarial Attacks.
references Towards Deep Learning Models Resistant to Adversarial Attacks, Aleksander Madry, Aleksandar Makelov; ICLR, 2018, Explaining and Harnessing Adversarial Examples, Ian J. Goodfellow, Jonathon Shlens, Christian Szegedy, ICLR, 2015,

More Related Content

PDF
[DL輪読会]自動運転技術の課題に役立つかもしれない論文3本
Deep Learning JP
 
PDF
東北大学講義資料 実世界における自然言語処理 - すべての人にロボットを - 坪井祐太 
Preferred Networks
 
PDF
企業の中の経済学
Yusuke Kaneko
 
PDF
金融×AIで解くべき問題は何か?
Tsunehiko Nagayama
 
PDF
年間1,000万件のアラートを自動処理してみた
IIJ
 
PDF
深層強化学習でマルチエージェント学習(前篇)
Junichiro Katsuta
 
PPTX
[DL輪読会] マルチエージェント強化学習と心の理論
Deep Learning JP
 
PPTX
Active Learning と Bayesian Neural Network
Naoki Matsunaga
 
[DL輪読会]自動運転技術の課題に役立つかもしれない論文3本
Deep Learning JP
 
東北大学講義資料 実世界における自然言語処理 - すべての人にロボットを - 坪井祐太 
Preferred Networks
 
企業の中の経済学
Yusuke Kaneko
 
金融×AIで解くべき問題は何か?
Tsunehiko Nagayama
 
年間1,000万件のアラートを自動処理してみた
IIJ
 
深層強化学習でマルチエージェント学習(前篇)
Junichiro Katsuta
 
[DL輪読会] マルチエージェント強化学習と心の理論
Deep Learning JP
 
Active Learning と Bayesian Neural Network
Naoki Matsunaga
 

What's hot (20)

PDF
データに内在する構造をみるための埋め込み手法
Tatsuya Shirakawa
 
PPTX
210927 PMBOK第7版の概要
Yukio TADA
 
PDF
アジャイルにモデリングは必要か
Hiromasa Oka
 
PDF
Non-autoregressive text generation
nlab_utokyo
 
PPTX
ビッグデータ処理データベースの全体像と使い分け - 2017年 Version -
Tetsutaro Watanabe
 
PDF
金融ISAC アニュアルカンファレンス 2020:Intelligence Driven Securityの「ことはじめ」
Tomohisa Ishikawa, CISSP, CSSLP, CISA, CISM, CFE
 
PDF
[DL輪読会]Estimating Predictive Uncertainty via Prior Networks
Deep Learning JP
 
PPTX
強化学習 と ゲーム理論 (MARL)
HarukaKiyohara
 
PPT
社会人博士入試面接スライド(ヘテロ加速器環境でのデータストリームグラフ処理フレームワーク)
亮 神林
 
PPTX
バックキャスティングによる戦略の作り方~実現したい未来から考える~
視覚会議
 
PDF
ドメイン駆動設計のための Spring の上手な使い方
増田 亨
 
PDF
[DL輪読会]DISTRIBUTIONAL POLICY GRADIENTS
Deep Learning JP
 
PDF
(修正)機械学習デザインパターン(ML Design Patterns)の解説
Hironori Washizaki
 
PDF
大規模言語モデルとChatGPT
nlab_utokyo
 
PDF
ドメイン駆動設計の捉え方 20150718
Mao Ohnishi
 
PDF
日経BPリーン式創業塾 #leanstartup #リーンスタートアップ
Itsuki Kuroda
 
PDF
【DL輪読会】Perceiver io a general architecture for structured inputs & outputs
Deep Learning JP
 
PPTX
研華 智聯工廠與智能設備雙引擎|實踐智慧製造
鼎新電腦
 
PDF
差分プライバシーによる時系列データの扱い方
Hiroshi Nakagawa
 
PPTX
ReactでuseEffect()を減らしたい話
iPride Co., Ltd.
 
データに内在する構造をみるための埋め込み手法
Tatsuya Shirakawa
 
210927 PMBOK第7版の概要
Yukio TADA
 
アジャイルにモデリングは必要か
Hiromasa Oka
 
Non-autoregressive text generation
nlab_utokyo
 
ビッグデータ処理データベースの全体像と使い分け - 2017年 Version -
Tetsutaro Watanabe
 
金融ISAC アニュアルカンファレンス 2020:Intelligence Driven Securityの「ことはじめ」
Tomohisa Ishikawa, CISSP, CSSLP, CISA, CISM, CFE
 
[DL輪読会]Estimating Predictive Uncertainty via Prior Networks
Deep Learning JP
 
強化学習 と ゲーム理論 (MARL)
HarukaKiyohara
 
社会人博士入試面接スライド(ヘテロ加速器環境でのデータストリームグラフ処理フレームワーク)
亮 神林
 
バックキャスティングによる戦略の作り方~実現したい未来から考える~
視覚会議
 
ドメイン駆動設計のための Spring の上手な使い方
増田 亨
 
[DL輪読会]DISTRIBUTIONAL POLICY GRADIENTS
Deep Learning JP
 
(修正)機械学習デザインパターン(ML Design Patterns)の解説
Hironori Washizaki
 
大規模言語モデルとChatGPT
nlab_utokyo
 
ドメイン駆動設計の捉え方 20150718
Mao Ohnishi
 
日経BPリーン式創業塾 #leanstartup #リーンスタートアップ
Itsuki Kuroda
 
【DL輪読会】Perceiver io a general architecture for structured inputs & outputs
Deep Learning JP
 
研華 智聯工廠與智能設備雙引擎|實踐智慧製造
鼎新電腦
 
差分プライバシーによる時系列データの扱い方
Hiroshi Nakagawa
 
ReactでuseEffect()を減らしたい話
iPride Co., Ltd.
 
Ad

Similar to Towards Deep Learning Models Resistant to Adversarial Attacks. (20)

PDF
Survey of Adversarial Attacks in Deep Learning Models
IRJET Journal
 
PDF
Adversarial ml
JunfeiWang1
 
PPTX
Adversarial Training is all you Need.pptx
Prerana Khatiwada
 
PDF
Adversarial-robust steganalysis system leveraging adversarial training and Ef...
TELKOMNIKA JOURNAL
 
PDF
Robustness of compressed CNNs
Kaushalya Madhawa
 
PDF
Fortifying Cyber Defence The Evolution of Deep Learning Architectures.pdf
CyberPro Magazine
 
PDF
Adversarial Attacks and Defenses in Deep Learning.pdf
MichelleHoogenhout
 
PDF
Fortifying Cyber Defence: The Evolution of Deep Learning Architectures
CyberPro Magazine
 
PPTX
ICDCC_40shugajkshdgjkadkjhgjkjhgjkhgjkhg
tattiiitattiiii
 
PPTX
Neural nets
bucknertroy
 
PDF
Risk Assessment for Identifying Intrusion in Manet
IOSR Journals
 
PPTX
Group 10 - DNN Presentation for UOM.pptx
DanNiles4
 
PPTX
Ppt
Syed Faraz Ali
 
PDF
Hardware Trojan Attacks on Neural Networks - Joseph Clements - DEF CON 26 CAA...
GeekPwn Keen
 
PDF
cyber security DOS attack using NS2 ppt content
KrayKarthik
 
PPTX
adversarial robustness through local linearization
taeseon ryu
 
PDF
Deep Comparison Analysis : Statistical Methods and Deep Learning for Network ...
Amit Kumar Jaiswal
 
PPTX
Network-Intrusion-Detection-Using-Machine-Learning-1.pptx
g58tanmayrk
 
PDF
BOOSTING ADVERSARIAL ATTACKS WITH MOMENTUM - Tianyu Pang and Chao Du, THU - D...
GeekPwn Keen
 
PPTX
Packet-Hiding Methods: To Prevent Selective Jamming Attacks
Swapnil Salunke
 
Survey of Adversarial Attacks in Deep Learning Models
IRJET Journal
 
Adversarial ml
JunfeiWang1
 
Adversarial Training is all you Need.pptx
Prerana Khatiwada
 
Adversarial-robust steganalysis system leveraging adversarial training and Ef...
TELKOMNIKA JOURNAL
 
Robustness of compressed CNNs
Kaushalya Madhawa
 
Fortifying Cyber Defence The Evolution of Deep Learning Architectures.pdf
CyberPro Magazine
 
Adversarial Attacks and Defenses in Deep Learning.pdf
MichelleHoogenhout
 
Fortifying Cyber Defence: The Evolution of Deep Learning Architectures
CyberPro Magazine
 
ICDCC_40shugajkshdgjkadkjhgjkjhgjkhgjkhg
tattiiitattiiii
 
Neural nets
bucknertroy
 
Risk Assessment for Identifying Intrusion in Manet
IOSR Journals
 
Group 10 - DNN Presentation for UOM.pptx
DanNiles4
 
Ppt
Syed Faraz Ali
 
Hardware Trojan Attacks on Neural Networks - Joseph Clements - DEF CON 26 CAA...
GeekPwn Keen
 
cyber security DOS attack using NS2 ppt content
KrayKarthik
 
adversarial robustness through local linearization
taeseon ryu
 
Deep Comparison Analysis : Statistical Methods and Deep Learning for Network ...
Amit Kumar Jaiswal
 
Network-Intrusion-Detection-Using-Machine-Learning-1.pptx
g58tanmayrk
 
BOOSTING ADVERSARIAL ATTACKS WITH MOMENTUM - Tianyu Pang and Chao Du, THU - D...
GeekPwn Keen
 
Packet-Hiding Methods: To Prevent Selective Jamming Attacks
Swapnil Salunke
 
Ad

More from SEMINARGROOT (20)

PDF
Metric based meta_learning
SEMINARGROOT
 
PDF
Sampling method : MCMC
SEMINARGROOT
 
PDF
Demystifying Neural Style Transfer
SEMINARGROOT
 
PDF
The ways of node embedding
SEMINARGROOT
 
PDF
Graph Convolutional Network
SEMINARGROOT
 
PDF
Denoising With Frequency Domain
SEMINARGROOT
 
PDF
Bayesian Statistics
SEMINARGROOT
 
PDF
Coding Test Review 3
SEMINARGROOT
 
PDF
Time Series Analysis - ARMA
SEMINARGROOT
 
PDF
Differential Geometry for Machine Learning
SEMINARGROOT
 
PDF
Generative models : VAE and GAN
SEMINARGROOT
 
PDF
Effective Python
SEMINARGROOT
 
PDF
Understanding Blackbox Prediction via Influence Functions
SEMINARGROOT
 
PDF
Attention Is All You Need
SEMINARGROOT
 
PDF
Attention
SEMINARGROOT
 
PDF
WWW 2020 XAI Tutorial Review
SEMINARGROOT
 
PDF
Coding test review 2
SEMINARGROOT
 
PDF
Locality sensitive hashing
SEMINARGROOT
 
PDF
Coding Test Review1
SEMINARGROOT
 
PDF
Strong convexity on gradient descent and newton's method
SEMINARGROOT
 
Metric based meta_learning
SEMINARGROOT
 
Sampling method : MCMC
SEMINARGROOT
 
Demystifying Neural Style Transfer
SEMINARGROOT
 
The ways of node embedding
SEMINARGROOT
 
Graph Convolutional Network
SEMINARGROOT
 
Denoising With Frequency Domain
SEMINARGROOT
 
Bayesian Statistics
SEMINARGROOT
 
Coding Test Review 3
SEMINARGROOT
 
Time Series Analysis - ARMA
SEMINARGROOT
 
Differential Geometry for Machine Learning
SEMINARGROOT
 
Generative models : VAE and GAN
SEMINARGROOT
 
Effective Python
SEMINARGROOT
 
Understanding Blackbox Prediction via Influence Functions
SEMINARGROOT
 
Attention Is All You Need
SEMINARGROOT
 
Attention
SEMINARGROOT
 
WWW 2020 XAI Tutorial Review
SEMINARGROOT
 
Coding test review 2
SEMINARGROOT
 
Locality sensitive hashing
SEMINARGROOT
 
Coding Test Review1
SEMINARGROOT
 
Strong convexity on gradient descent and newton's method
SEMINARGROOT
 

Recently uploaded (20)

PDF
Lecture1 pattern recognition............
ZafriFarid
 
PDF
Business Analytics and business intelligence.pdf
khalidisah4750
 
PPTX
Introduction to Knowledge Engineering Part 1
busyprogrammersguide
 
PPTX
Introduction to Firewall Analytics - Interfirewall and Transfirewall.pptx
kuthubussaman1
 
PPT
ISS -ESG Data flows What is ESG and HowHow
lucandthemachine
 
PPTX
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
PPT
Quality review (1)_presentation of this 21
abobaker13
 
PPTX
Microsoft-Fabric-Unifying-Analytics-for-the-Modern-Enterprise Solution.pptx
Mahesh Reddy
 
PDF
Fluorescence-microscope_Botany_detailed content
dollydoll12
 
PPTX
The THESIS FINAL-DEFENSE-PRESENTATION.pptx
hshakobe3
 
PDF
annual-report-2024-2025 original latest.
nityanema19
 
PPTX
Introduction-to-Cloud-ComputingFinal.pptx
testnet29393883
 
PPTX
Business Acumen Training GuidePresentation.pptx
stephvshelton19
 
PPTX
Business Ppt On Nestle.pptx huunnnhhgfvu
ashaurya327
 
PPTX
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
chepkoitcheruiyot
 
PDF
Clinical guidelines as a resource for EBP(1).pdf
MashalKhan626345
 
PPTX
Database Infoormation System (DBIS).pptx
TefferiMekonnen2
 
PPTX
Computer network topology notes for revision
BatoolRawat
 
PPTX
climate analysis of Dhaka ,Banglades.pptx
rrawjatun
 
PDF
BF and FI - Blockchain, fintech and Financial Innovation Lesson 2.pdf
JamesWilliams752225
 
Lecture1 pattern recognition............
ZafriFarid
 
Business Analytics and business intelligence.pdf
khalidisah4750
 
Introduction to Knowledge Engineering Part 1
busyprogrammersguide
 
Introduction to Firewall Analytics - Interfirewall and Transfirewall.pptx
kuthubussaman1
 
ISS -ESG Data flows What is ESG and HowHow
lucandthemachine
 
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
Quality review (1)_presentation of this 21
abobaker13
 
Microsoft-Fabric-Unifying-Analytics-for-the-Modern-Enterprise Solution.pptx
Mahesh Reddy
 
Fluorescence-microscope_Botany_detailed content
dollydoll12
 
The THESIS FINAL-DEFENSE-PRESENTATION.pptx
hshakobe3
 
annual-report-2024-2025 original latest.
nityanema19
 
Introduction-to-Cloud-ComputingFinal.pptx
testnet29393883
 
Business Acumen Training GuidePresentation.pptx
stephvshelton19
 
Business Ppt On Nestle.pptx huunnnhhgfvu
ashaurya327
 
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
chepkoitcheruiyot
 
Clinical guidelines as a resource for EBP(1).pdf
MashalKhan626345
 
Database Infoormation System (DBIS).pptx
TefferiMekonnen2
 
Computer network topology notes for revision
BatoolRawat
 
climate analysis of Dhaka ,Banglades.pptx
rrawjatun
 
BF and FI - Blockchain, fintech and Financial Innovation Lesson 2.pdf
JamesWilliams752225
 

Towards Deep Learning Models Resistant to Adversarial Attacks.