Early Methods for Detecting Adversarial Images
Dan Hendrycks, Kevin Gimpel
Feb 07, 2017 (modified: Mar 23, 2017) · ICLR 2017 workshop submission · readers: everyone
Abstract: Many machine learning classifiers are vulnerable to adversarial perturbations. An adversarial perturbation modifies an input to change a classifier's prediction without causing the input to seem substantially different to human perception. We deploy three methods to detect adversarial images. Adversaries trying to bypass our detectors must make the adversarial image less pathological or they will fail trying. Our best detection method reveals that adversarial images place abnormal emphasis on the lower-ranked principal components from PCA. Other detectors and a colorful saliency map are in an appendix.
Keywords: Computer vision, Deep learning
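The abstract's best detector measures how much of an image's energy falls on the lower-ranked principal components of clean data. The sketch below is not the authors' code; it is a minimal illustration of that idea on synthetic data, with an assumed `tail_energy` statistic (the fraction of centered energy in the last k components) standing in for whatever score the paper actually uses:

```python
# Hypothetical sketch of PCA-tail detection (not the paper's implementation):
# fit PCA on "clean" samples, then flag inputs whose energy concentrates
# abnormally in the lowest-ranked components. Synthetic data throughout.
import numpy as np

rng = np.random.default_rng(0)

# "Clean" data: variance concentrated in the leading directions.
n, d = 500, 64
basis, _ = np.linalg.qr(rng.normal(size=(d, d)))
scales = np.linspace(3.0, 0.05, d)               # decaying spectrum
clean = (rng.normal(size=(n, d)) * scales) @ basis.T

# Fit PCA via SVD on the centered clean data; rows of `components`
# are principal directions ordered from highest to lowest variance.
mean = clean.mean(axis=0)
_, _, components = np.linalg.svd(clean - mean, full_matrices=False)

def tail_energy(x, k=16):
    """Fraction of centered energy in the k lowest-ranked components."""
    coeffs = (x - mean) @ components.T
    return np.sum(coeffs[-k:] ** 2) / np.sum(coeffs ** 2)

# A perturbation that lives in the low-ranked subspace stands out
# under this statistic, mimicking the abnormal emphasis the paper reports.
x = clean[0]
perturb = 0.5 * components[-1]                   # push along the last component
print(tail_energy(x), tail_energy(x + perturb))
```

Because the perturbation adds energy almost entirely to the last component, the perturbed input's tail-energy score exceeds the clean one's, so thresholding this statistic separates the two in this toy setting.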