Visible to the public Biblio

Filters: Author is Wang, Weiyu  [Clear All Filters]
2018-05-01
Wang, Weiyu, Zhu, Quanyan.  2017.  On the Detection of Adversarial Attacks Against Deep Neural Networks. Proceedings of the 2017 Workshop on Automated Decision Making for Active Cyber Defense. :27–30.

Deep learning model has been widely studied and proven to achieve high accuracy in various pattern recognition tasks, especially in image recognition. However, due to its non-linear architecture and high-dimensional inputs, its ill-posedness [1] towards adversarial perturbations-small deliberately crafted perturbations on the input will lead to completely different outputs, has also attracted researchers' attention. This work takes the traffic sign recognition system on the self-driving car as an example, and aims at designing an additional mechanism to improve the robustness of the recognition system. It uses a machine learning model which learns the results of the deep learning model's predictions, with human feedback as labels and provides the credibility of current prediction. The mechanism makes use of both the input image and the recognition result as sample space, querying a human user the True/False of current classification result the least number of times, and completing the task of detecting adversarial attacks.