Utilizing full neuronal states for adversarial robustness

Alex Gain; Hava T. Siegelmann

doi:10.1117/12.2542804

Translator Disclaimer

12 November 2019 Utilizing full neuronal states for adversarial robustness

Alex Gain, Hava T. Siegelmann

Author Affiliations +

Proceedings Volume 11197, SPIE Future Sensing Technologies; 1119712 (2019) https://doi.org/10.1117/12.2542804
Event: SPIE Future Sensing Technologies, 2019, Tokyo, Japan

Abstract

Small, imperceptible perturbations of the input data can lead to DNNs making egregious errors during inference, such as misclassifying an image of a dog as a cat with high probability. Thus, defending against adversarial examples for deep neural networks (DNNs) is of great interest to sensing technologies and the machine learning community to ensure the security of practical systems where DNNs are used. Whereas many approaches have been explored for defending against adversarial attacks, few have made use of the full state of the entire network, opting instead to only consider the output layer and gradient information. We develop several motivated techniques that make use of the full network state, improving adversarial robustness. We provide principled motivation of our techniques via analysis of attractor dynamics, shown to occur in the highly recurrent human brain, and validate our improvements via empirical results on standard datasets and white-box attacks.

Citation Download Citation

Alex Gain and Hava T. Siegelmann "Utilizing full neuronal states for adversarial robustness", Proc. SPIE 11197, SPIE Future Sensing Technologies, 1119712 (12 November 2019); https://doi.org/10.1117/12.2542804

ACCESS THE FULL ARTICLE

PURCHASE THIS CONTENT

INTERESTED IN A FREE CORPORATE TRIAL?

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available

Members: $17.00

Non-members: $21.00 ADD TO CART

PROCEEDINGS
3 PAGES

DOWNLOAD PAPER SAVE TO MY LIBRARY

SHARE

GET CITATION

< Previous Article

|

Next Article >

KEYWORDS

Defense and security

Information security

Network security

Neural networks

Sensing systems

Stochastic processes

RELATED CONTENT

Learning consensus in adversarial environments
Proceedings of SPIE (May 17 2013)

The research of security and real time based on the...
Proceedings of SPIE (March 14 2013)

Security issues in cooperative spectrum sensing for cognitive radio network
Proceedings of SPIE (March 14 2013)

Optimization analysis for image-based steganography using generative adversarial networks
Proceedings of SPIE (November 06 2019)

Perimeter security alarm system based on fiber Bragg grating
Proceedings of SPIE (November 09 2010)

Mathematical defense method of networked servers with controlled remote backups
Proceedings of SPIE (May 02 2006)

Toward a theoretical framework for trustworthy cyber sensing
Proceedings of SPIE (April 28 2010)

Subscribe to Digital Library

Receive Erratum Email Alert

Keywords/Phrases

Search In:

Publication Years