UNIVERSAL ADVERSARIAL ROBUSTNESS OF TEXTURE AND SHAPE-BIASED MODELS

被引：8

作者：

Co, Kenneth T. ^{[1
,2
]}

Munoz-Gonzalez, Luis ^{[1
]}

Kanthan, Leslie ^{[2
]}

Glocker, Ben ^{[1
]}

Lupu, Emil C. ^{[1
]}

机构：

[1] Imperial Coll London, Dept Comp, London, England

[2] DataSpartan Res, London, England

来源：

2021 IEEE INTERNATIONAL CONFERENCE ON IMAGE PROCESSING (ICIP) | 2021年

关键词：

Universal adversarial perturbations; adversarial machine learning; deep neural networks;

D O I：

10.1109/ICIP42928.2021.9506325

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Increasing shape-bias in deep neural networks has been shown to improve robustness to common corruptions and noise. In this paper we analyze the adversarial robustness of texture and shape-biased models to Universal Adversarial Perturbations (UAPs). We use UAPs to evaluate the robustness of DNN models with varying degrees of shape-based training. We find that shape-biased models do not markedly improve adversarial robustness, and we show that ensembles of texture and shape-biased models can improve universal adversarial robustness while maintaining strong performance.

引用

页码：799 / 803

页数：5

共 21 条

[1]

Athalye A, 2018, PR MACH LEARN RES, V80

[2]

Biggio Battista, 2013, Machine Learning and Knowledge Discovery in Databases. European Conference, ECML PKDD 2013. Proceedings: LNCS 8190, P387, DOI 10.1007/978-3-642-40994-3_25

[3]

Brendel W., 2019, P INT C LEARN REPR

[4] Procedural Noise Adversarial Examples for Black-Box Attacks on Deep Convolutional Networks [J].

Co, Kenneth T. ;

Munoz-Gonzalez, Luis ;

de Maupeou, Sixte ;

Lupu, Emil C. .

PROCEEDINGS OF THE 2019 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'19), 2019, :275-289

[5]

Co Kenneth T., 2021, ARXIV PREPRINT ARXIV

[6]

Deng YP, 2020, IEEE IMAGE PROC, P1241, DOI [10.1109/icip40778.2020.9191288, 10.1109/ICIP40778.2020.9191288]

[7] Robust Physical-World Attacks on Deep Learning Visual Classification [J].

Eykholt, Kevin ;

Evtimov, Ivan ;

Fernandes, Earlence ;

Li, Bo ;

Rahmati, Amir ;

Xiao, Chaowei ;

Prakash, Atul ;

Kohno, Tadayoshi ;

Song, Dawn .

2018 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2018, :1625-1634

[8]

Geirhos Robert, 2019, INT C LEARNING REPRE

[9] Deep Residual Learning for Image Recognition [J].

He, Kaiming ;

Zhang, Xiangyu ;

Ren, Shaoqing ;

Sun, Jian .

2016 IEEE CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2016, :770-778

[10] Densely Connected Convolutional Networks [J].

Huang, Gao ;

Liu, Zhuang ;

van der Maaten, Laurens ;

Weinberger, Kilian Q. .

30TH IEEE CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR 2017), 2017, :2261-2269

← 1 2 3 →