Adversarial Examples in Constrained DomainsRyan SheatsleyNicolas PapernotMichael J. WeismanGunjan VermaPatrick D. McDaniel
However, deep neural networks have been recently found vulnerable to well-designed input samples, called adversarial examples. Adversarial examples are imperceptible to human but can easily fool deep neural networks in the testing/deploying stage. The vulnerability to adversarial examples becomes one of ...
In domain adaptation, this prin- ciple has been employed to ensure that the network cannot distinguish between the distributions of its training and test domain examples [11, 12, 13]. However, each algorithm makes different design choices such as whether to use a gen- erator, which loss ...
Therefore, there is an urgent need to design effective defensive approaches to defend against such adversarial examples in order to ensure the safety and reliability of computer vision applications. To improve the adversarial robustness of DNNs, several defence methods have been proposed, which can be...
We also illustrate how this model could be used to learn a multi-modal model, and provide preliminary examples of an application to image tagging in which we demonstrate how this approach can generate descriptive tags which are not part of training labels. [Paper] [Code] Run Example $ cd ...
in the absence of paired examples. Our goal is to learn a mapping G:X→Y such that the distribution of images from G(X) is indistinguishable from the distribution Y using an adversarial loss. Because this mapping is highly under-constrained, we couple it with an inverse mapping F:Y→X ...
in learning models has gained huge popularity among the community of deep learning researchers, especially those interested in image classification. It has also been observed that GAN models are relevant in domains other than image classification. Some examples are image-to-image translation, which is...
Examples of such AEs are presented in the last column of Fig. 1. One can see e.g. that the system has problems when random dots appear around a 0 and misclassifies the input as the number 5. While the attacker will aim to accomplish many successful attacks, the postal service will...
in several domains where it directly measures the aggregated neural activity in addition to being an easy portable method for different clinical uses. Furthermore, advances in machine learning and other recent technologies such as wireless recording have led to more interest in EEG-based BCI ...
constrained norm (e.g.,l∞ ≤ ϵ)24. To select the best model in the task of pathology detection, we quantified the model’s performance via the area under the receiver operating characteristic curve (ROC-AUC) and precision-recall curve. In accordance with previous research, we found...