Mohammadreza Amirian, F. Schwenker, Thilo Stadelmann
The existence of adversarial attacks on convolutional neural networks (CNN) questions the fitness of such models for serious applications. The attacks manipulate an input image such that misclassification is evoked while still looking normal to a human observer—they are thus not easily detectable. In a different context, backpropagated activations of CNN hidden layers—“feature responses” to a given input—have been helpful to visualize for a human “debugger” what the CNN “looks at” while computing its output. In this work, we propose a novel detection method for adversarial examples to prevent attacks. We do so by tracking adversarial perturbations in feature responses, allowing for automatic detection using average local spatial entropy. The method does not alter the original network architecture and is fully human-interpretable. Experiments confirm the validity of our approach for state-of-the-art attacks on large-scale models trained on ImageNet.
{"title":"Trace and Detect Adversarial Attacks on CNNs Using Feature Response Maps","authors":"Mohammadreza Amirian, F. Schwenker, Thilo Stadelmann","doi":"10.21256/zhaw-3863","DOIUrl":"https://doi.org/10.21256/zhaw-3863","url":null,"abstract":"The existence of adversarial attacks on convolutional neural networks (CNN) questions the fitness of such models for serious applications. The attacks manipulate an input image such that misclassification is evoked while still looking normal to a human observer—they are thus not easily detectable. In a different context, backpropagated activations of CNN hidden layers—“feature responses” to a given input—have been helpful to visualize for a human “debugger” what the CNN “looks at” while computing its output. In this work, we propose a novel detection method for adversarial examples to prevent attacks. We do so by tracking adversarial perturbations in feature responses, allowing for automatic detection using average local spatial entropy. The method does not alter the original network architecture and is fully human-interpretable. Experiments confirm the validity of our approach for state-of-the-art attacks on large-scale models trained on ImageNet.","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130257257","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-09-19DOI: 10.1007/978-3-319-99978-4_31
Samuele Capobianco, Leonardo Scommegna, S. Marinai
{"title":"Historical Handwritten Document Segmentation by Using a Weighted Loss","authors":"Samuele Capobianco, Leonardo Scommegna, S. Marinai","doi":"10.1007/978-3-319-99978-4_31","DOIUrl":"https://doi.org/10.1007/978-3-319-99978-4_31","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130709474","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-09-19DOI: 10.1007/978-3-319-99978-4_26
Thilo Stadelmann, Sebastian Glinski-Haefeli, Patrick Gerber, O. Dürr
{"title":"Capturing Suprasegmental Features of a Voice with RNNs for Improved Speaker Clustering","authors":"Thilo Stadelmann, Sebastian Glinski-Haefeli, Patrick Gerber, O. Dürr","doi":"10.1007/978-3-319-99978-4_26","DOIUrl":"https://doi.org/10.1007/978-3-319-99978-4_26","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117200555","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-09-19DOI: 10.1007/978-3-319-99978-4_12
Alexander P. Kuleshov, A. Bernstein, Evgeny Burnaev
{"title":"Manifold Learning Regression with Non-stationary Kernels","authors":"Alexander P. Kuleshov, A. Bernstein, Evgeny Burnaev","doi":"10.1007/978-3-319-99978-4_12","DOIUrl":"https://doi.org/10.1007/978-3-319-99978-4_12","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133462632","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-09-19DOI: 10.1007/978-3-319-99978-4_18
C. Palamidessi, Marco Romanelli
{"title":"Feature Selection with Rényi Min-Entropy","authors":"C. Palamidessi, Marco Romanelli","doi":"10.1007/978-3-319-99978-4_18","DOIUrl":"https://doi.org/10.1007/978-3-319-99978-4_18","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122906230","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-05-22DOI: 10.1007/978-3-319-99978-4_9
Philipp Oberdiek, M. Rottmann, H. Gottschalk
{"title":"Classification Uncertainty of Deep Neural Networks Based on Gradient Information","authors":"Philipp Oberdiek, M. Rottmann, H. Gottschalk","doi":"10.1007/978-3-319-99978-4_9","DOIUrl":"https://doi.org/10.1007/978-3-319-99978-4_9","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128419121","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-22DOI: 10.1007/978-3-319-99978-4_8
Abel S. Zacarias, Luís A. Alexandre
{"title":"Overcoming Catastrophic Forgetting in Convolutional Neural Networks by Selective Network Augmentation","authors":"Abel S. Zacarias, Luís A. Alexandre","doi":"10.1007/978-3-319-99978-4_8","DOIUrl":"https://doi.org/10.1007/978-3-319-99978-4_8","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114530844","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-09-28DOI: 10.1007/978-3-319-46182-3_17
W. Aswolinskiy, R. F. Reinhart, Jochen J. Steil
{"title":"Time Series Classification in Reservoir- and Model-Space: A Comparison","authors":"W. Aswolinskiy, R. F. Reinhart, Jochen J. Steil","doi":"10.1007/978-3-319-46182-3_17","DOIUrl":"https://doi.org/10.1007/978-3-319-46182-3_17","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124777586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-09-28DOI: 10.1007/978-3-319-46182-3_1
Luca Pasa, A. Sperduti
{"title":"Learning Sequential Data with the Help of Linear Systems","authors":"Luca Pasa, A. Sperduti","doi":"10.1007/978-3-319-46182-3_1","DOIUrl":"https://doi.org/10.1007/978-3-319-46182-3_1","url":null,"abstract":"","PeriodicalId":368838,"journal":{"name":"IAPR International Workshop on Artificial Neural Networks in Pattern Recognition","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125560474","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: