2021 Fiscal Year Annual Research Report
Learning Internal Representations Robust against Adversarial Attacks
| Project/Area Number |
20K19824
|
|---|
| Research Institution | Kyushu University |
|---|
Principal Investigator |
VARGAS DANILO 九州大学, システム情報科学研究院, 准教授 (00795536)
|
|---|
| Project Period (FY) |
2020-04-01 – 2022-03-31
|
| Keywords | Adversarial ML / Robust Representations / Robust AI |
|---|
| Outline of Annual Research Achievements |
Current Deep Neural Networks (DNN) are known to possess many vulnerabilities which make their application to many fields unsafe. In my past work, the One-Pixel Attack, it was revealed that even very small changes are able to change the classification of DNNs. Many defenses have been proposed, including Adversarial Training, however, all of them have the same vulnerabilities.
In our last investigations, it was understood that the problem lies in the fact that DNNs focus on the texture rather than the shape in their representation. Generative Adversarial Networks (GAN), however, learn to encode, decode as well as transform images and are known to learn internally complex models of the input that goes beyond texture.
Here, I proposed to tackle the robustness of DNNs by using the internal representation learned by GANs and datasets augmented with adversarial samples to create DNNs capable of classifying based on features that go beyond texture.
Our new findings open up a new understanding of robustness for neural networks as well as pioneer a new paradigm with SyncMap.
Related to this research investigation, this year's achievements were: 2 papers in journals, 7 papers in proceedings of international conferences and 2 awards.
|
Research Products
(11 results)
