Welcome to Scribd!

Skip carousel

Image Recognition: Defense Adversarial Attacks Using Generative Adversarial Network (GAN)

Uploaded by

Mohammed

0% found this document useful (0 votes)

4 views25 pages

Talk at Crunch Seminar

Original Title

Talk at Crunch Seminar 02152019

Copyright

Available Formats

PPTX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Talk at Crunch Seminar

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

4 views25 pages

Image Recognition: Defense Adversarial Attacks Using Generative Adversarial Network (GAN)

Uploaded by

Mohammed

Talk at Crunch Seminar

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 25

Search inside document

Image recognition: Defense adversarial attacks

using Generative Adversarial Network (GAN)

Speaker: Guofei Pang

Division of Applied Mathematics

Brown University

Presentation after reading the paper:

Ilyas, Andrew, et al. "The Robust Manifold Defense: Adversarial Training using
Generative Models." arXiv preprint arXiv:1712.09196 (2017).
Outline

 Adversarial attacks
 Generative Adversarial Network (GAN)
 How to defense attacks using GAN
 Numerical results

2/25
Adversarial Attacks

3/25
Adversarial Attacks

4/25
Adversarial Attacks

n =

𝐈𝐦𝐚𝐠𝐞 𝐚𝐬 𝐚 𝐯𝐞𝐜𝐭𝐨𝐫:
m
𝐱 = 𝐱𝐣 ,
𝐣 = 𝟏, 𝟐, … , 𝐧 ∗ 𝐦

n*m

5/25
Adversarial Attacks

𝐱𝟏

𝐱𝟐

𝐱𝟏 − 𝐱 𝟐 𝟐 < 𝐞𝟎 𝐂(𝐱𝟏) − 𝐂(𝐱𝟐) > 𝐟𝟎

Adversarial examples for a classifier C():

 A pair of input x1 and x2
 A person says they are of the same class
 But a classifier will they are completely different!
6/25
Adversarial Attacks

Why does classifier become fool for these examples?

7/25
Adversarial Attacks

Why does classifier become fool for these examples?

An intuition from the authors:

 Natural image: Low-dimensional manifold
 Noisy image: High-dimensional manifold
 High dimensionality is tough for classifier.

8/25
Generative adversarial network (GAN)

 x and x’ have similar PDF

 G() has learned the underlying distribution of
image dataset after training GAN
 The DNN G() is a nonlinear mapping from low-
dimensional space, z, to high-dimensional space, x’

Original image x Synthetic image /Generative model

x’=G(z)
GAN Generator G(z)

Noisy input z, say, z – N(0,I)

9/25
Generative adversarial network (GAN)

 Convergence state: pdata(x)=pG(x)

 Green solid line: probability density function (PDF) of the
generator G()
 Black dotted line: PDF of original image x, i.e., pdata(x)
 Blue dash line: PDF of discriminator D()
10/25
Generative adversarial network (GAN)

11/25
How to defense attacks using GAN

 G() is pre-trained and has learned the underlying

distribution of the training (image) dataset after
training GAN
Invert and Classify
Synthetic image x’=G(z*)
(Preserve low-dimensional
manifold)
Classifier C()

Original image x
(Could include high-
dimensional manifold
when noise enters)

12/25
How to defense attacks using GAN

 G() is pre-trained and has learned the underlying

distribution of the training (image) dataset after
training GAN
Enhanced Invert and Classify
Synthetic image x’=G(z*)
(Preserve low-dimensional Classifier C()
manifold) (retrain the classifier)

Upper bound of attack magnitude Classification loss

13/25
Numerical results

First-order classifier attacks for handwritten digit classification

14/25
Numerical results

First-order classifier attacks for handwritten digit classification

15/25
Numerical results

First-order classifier attacks for handwritten digit classification

16/25
Numerical results

First-order classifier attacks for gender classification

17/25
Numerical results

First-order classifier attacks for gender classification

18/25
Numerical results

Substitute model attacks

Results from Invert and Classify

19/25
Numerical results

Comparison between
Invert and Classify and Enhanced Invert and Classify

20/25
Numerical results

21/25
Numerical results

22/25
Numerical results

23/25
Numerical results

24/25
Thinking

 GAN for regression problems?

 GAN versus other neural

networks?

 One defense strategy for all types

of attacks?
25/25

Unsupervised Learning
Document14 pages
Unsupervised Learning
Vignesh Gokul
No ratings yet
Lec 19
Document25 pages
Lec 19
thesurajzaware
No ratings yet
GAN Toronto
Document24 pages
GAN Toronto
ziliang.miao26
No ratings yet
Chapter1: Introduction: Notes On MLAPP
Document25 pages
Chapter1: Introduction: Notes On MLAPP
wuziqi
No ratings yet
Adversarial Attacks on Face Detectors using Neural Net based Constrained Optimization
Document6 pages
Adversarial Attacks on Face Detectors using Neural Net based Constrained Optimization
Soare Peogoare
No ratings yet
Secure Machine Learning With Neural Networks: Mane Pooja (M190442EC)
Document31 pages
Secure Machine Learning With Neural Networks: Mane Pooja (M190442EC)
pooja
No ratings yet
Domain Transfer
Document110 pages
Domain Transfer
Abo Mohammad
No ratings yet
Defending Adversarials
Document18 pages
Defending Adversarials
23kl104
No ratings yet
Robust Deep Learning
Document39 pages
Robust Deep Learning
william walters
No ratings yet
Gate 2024 Da Sample Question Paper Final
Document29 pages
Gate 2024 Da Sample Question Paper Final
Shrinad Patil
No ratings yet
5469-Article Text-8694-1-10-20200511
Document8 pages
5469-Article Text-8694-1-10-20200511
Sicong Cao
No ratings yet
An Eye For An Eye: Defending Against Gradient-Based Attacks With Gradients
Document10 pages
An Eye For An Eye: Defending Against Gradient-Based Attacks With Gradients
vdshgv
No ratings yet
ICML07 Tutorial PDF
Document68 pages
ICML07 Tutorial PDF
kass_ecs
No ratings yet
Asymmetric Key Cryptography
Document51 pages
Asymmetric Key Cryptography
Hari Krishna
No ratings yet
Data Science AISample Question Paper
Document28 pages
Data Science AISample Question Paper
Prashanth
No ratings yet
DIP Lecture 9
Document34 pages
DIP Lecture 9
Sukanti Pal
No ratings yet
From Adversarial Training To Geenerative Adversarial Networks
Document12 pages
From Adversarial Training To Geenerative Adversarial Networks
Bhbjnn
No ratings yet
Adversarial Training For Free
Document12 pages
Adversarial Training For Free
SahilKumar
No ratings yet
Wasserstein GAN: Mai Đức Tài Trịnh Hoàng Hiệp
Document40 pages
Wasserstein GAN: Mai Đức Tài Trịnh Hoàng Hiệp
dinhmanh hoang
No ratings yet
Attacks Against Machine Learning - Evasion
Document45 pages
Attacks Against Machine Learning - Evasion
Anil Yogi
No ratings yet
CM02 Gan
Document40 pages
CM02 Gan
safa ameur
No ratings yet
Test Bank For Introductory Statistics 9th by Mann
Document36 pages
Test Bank For Introductory Statistics 9th by Mann
henchmangenipapn50d
100% (40)
A Review: Generative Adversarial Networks: Liang Gonog and Yimin Zhou
Document6 pages
A Review: Generative Adversarial Networks: Liang Gonog and Yimin Zhou
D
No ratings yet
Layer-Wise Adversarial Training
Document8 pages
Layer-Wise Adversarial Training
pooja
No ratings yet
2023-24_AIML_ML_Mid-Semester_Make-up_Answer-keys
Document6 pages
2023-24_AIML_ML_Mid-Semester_Make-up_Answer-keys
SabariMurugan Sivakumar
No ratings yet
Full Download Test Bank For Introductory Statistics 9th Edition Prem S Mann PDF Full Chapter
Document36 pages
Full Download Test Bank For Introductory Statistics 9th Edition Prem S Mann PDF Full Chapter
torosityacardiacj26v
100% (18)
Unit II
Document116 pages
Unit II
vishwaugh
No ratings yet
Test Bank For Introductory Statistics 9th Edition Prem S Mann
Document36 pages
Test Bank For Introductory Statistics 9th Edition Prem S Mann
henchmangenipapn50d
100% (46)
CS480 Lecture November 14th
Document72 pages
CS480 Lecture November 14th
Rajeswari
No ratings yet
Week 1
Document11 pages
Week 1
ng0934325
No ratings yet
Talk MBA AI XAI 3 PDF
Document81 pages
Talk MBA AI XAI 3 PDF
Longyin Wang
No ratings yet
Inoculation Strategies For Victims of Viruses and The Sum-of-Squares Partition Problem
Document40 pages
Inoculation Strategies For Victims of Viruses and The Sum-of-Squares Partition Problem
phsgb1
No ratings yet
Dimensionality Reduction 22-01-22
Document47 pages
Dimensionality Reduction 22-01-22
Ashish Cherukuri
No ratings yet
Test Bank For Introductory Statistics 9th by Mann
Document9 pages
Test Bank For Introductory Statistics 9th by Mann
Bruce Carrousal
100% (35)
Zhou 18 A
Document10 pages
Zhou 18 A
Khalid Nouiga
No ratings yet
Generalized Discriminant Analysis: Jinyong Kang
Document17 pages
Generalized Discriminant Analysis: Jinyong Kang
Me trai
No ratings yet
Gda
Document17 pages
Gda
misscoma
No ratings yet
Java Fundamentals Chapter 2 Test
Document6 pages
Java Fundamentals Chapter 2 Test
TIẾN TRẦN MINH
No ratings yet
CS40003 Data Analytics End-Autumn Semester Test
Document11 pages
CS40003 Data Analytics End-Autumn Semester Test
alia patil
No ratings yet
Logistic Regression: Classification
Document32 pages
Logistic Regression: Classification
esteban1815
No ratings yet
Logistic Regression for Classification
Document31 pages
Logistic Regression for Classification
Ravi P Hunachannavar
No ratings yet
AC16 Software Engineering OBJECTIVE TYPE
Document81 pages
AC16 Software Engineering OBJECTIVE TYPE
ensavitha
No ratings yet
Sample Questions: Subject Name: Semester: IV
Document19 pages
Sample Questions: Subject Name: Semester: IV
CRCE 9192 Alton
No ratings yet
Chapter 07
Document68 pages
Chapter 07
Enfant Mort
No ratings yet
Docs Slides Lecture6
Document31 pages
Docs Slides Lecture6
PravinkumarGhodake
No ratings yet
Telegram Channel Telegram Group
Document36 pages
Telegram Channel Telegram Group
Yatharth Saxena
No ratings yet
Introduction To Machine Learning: Workshop On Machine Learning For Intelligent Image Processing
Document44 pages
Introduction To Machine Learning: Workshop On Machine Learning For Intelligent Image Processing
Lekshmi
No ratings yet
Adversarial Attacks On LLMs - Lil'Log
Document30 pages
Adversarial Attacks On LLMs - Lil'Log
Long Thanh Nguyen
No ratings yet
Test Bank For Introductory Statistics 9th Edition Prem S Mann
Document9 pages
Test Bank For Introductory Statistics 9th Edition Prem S Mann
Alexis Cincotta
100% (38)
Acpc 2010
Document12 pages
Acpc 2010
tesrrs
No ratings yet
Enc Encoded C GjaZn0H7s4d8TxwCe 3b4pjo24ZJ0okwUOhgcEyM H RQ1n30CeFMvO9vFiyLlyNQ
Document10 pages
Enc Encoded C GjaZn0H7s4d8TxwCe 3b4pjo24ZJ0okwUOhgcEyM H RQ1n30CeFMvO9vFiyLlyNQ
Pranav vignesh
No ratings yet
Generative Adversarial Networks (Gans) : Date: 14.11.2022
Document12 pages
Generative Adversarial Networks (Gans) : Date: 14.11.2022
Niteesh Krishna
No ratings yet
Tiered Deep Similarity Search For Fashion
Document9 pages
Tiered Deep Similarity Search For Fashion
Sangeeta Jain
No ratings yet
Lec25 MonteCarloMethods
Document57 pages
Lec25 MonteCarloMethods
hu jack
No ratings yet
Digits Recognition Dataset
Document4 pages
Digits Recognition Dataset
Joe1
No ratings yet
Agriculture Statistics Objective Questions MCQ
Document4 pages
Agriculture Statistics Objective Questions MCQ
Sethupathi Sivaprakasam
No ratings yet
Multiple Choice Questions on Deep Learning
Document34 pages
Multiple Choice Questions on Deep Learning
neha Shukla
91% (69)
Test Bank For Introductory Statistics 9th Edition Prem S Mann
Document9 pages
Test Bank For Introductory Statistics 9th Edition Prem S Mann
dieurobertp6cufv
No ratings yet
Richard P. Paul Robot Manipulators Mathematics, Programming, and Control Artificial Intelligence PDF
Document292 pages
Richard P. Paul Robot Manipulators Mathematics, Programming, and Control Artificial Intelligence PDF
நந்த_குமார்
100% (1)
Kobuki_soft Simulation in ROS
Document17 pages
Kobuki_soft Simulation in ROS
이주순
No ratings yet
Soft Computing MCQ
Document10 pages
Soft Computing MCQ
Saurabh
No ratings yet
Lecture 1
Document43 pages
Lecture 1
amrasirah
No ratings yet
Sts - Activity 8
Document2 pages
Sts - Activity 8
Jasel Daliposa
No ratings yet
Control 3 Diff
Document21 pages
Control 3 Diff
An Phu Pham
No ratings yet
Fundamental Knowledge of Machine Learning: Abstract This Chapter Introduces The Basic Concepts and Methods of Machine
Document14 pages
Fundamental Knowledge of Machine Learning: Abstract This Chapter Introduces The Basic Concepts and Methods of Machine
Jasmine Tuason
No ratings yet
Artificial Intelligence Full Seminar Report Way2project in
Document10 pages
Artificial Intelligence Full Seminar Report Way2project in
Shalini Tiwari
100% (2)
521495A Tasks
Document6 pages
521495A Tasks
ShAh NawaZz
No ratings yet
Handwritten Hindi Character Recognition Using Deep Learning Techniques
Document8 pages
Handwritten Hindi Character Recognition Using Deep Learning Techniques
Ms. Divya Konikkara
No ratings yet
Tileworld Simulation
Document3 pages
Tileworld Simulation
joseangelini
No ratings yet
Practical Research 1 (Technology-Artificial Intelligence)
Document3 pages
Practical Research 1 (Technology-Artificial Intelligence)
Mark Ormega
No ratings yet
Jadwal Seminar Proposal Sistem Informasi 2020/2021: No Kelompok Hari/Tanggal Pukul
Document4 pages
Jadwal Seminar Proposal Sistem Informasi 2020/2021: No Kelompok Hari/Tanggal Pukul
dsadasdas
No ratings yet
AI Sheet NN
Document2 pages
AI Sheet NN
Menna Saed
No ratings yet
Virtual Reality
Document27 pages
Virtual Reality
divya
No ratings yet
Lesson 5 Deep Neural Net Optimization Tuning Interpretability
Document105 pages
Lesson 5 Deep Neural Net Optimization Tuning Interpretability
VIJENDHER REDDY GURRAM
No ratings yet
Stereolithography: 3D Printing Layer by Layer
Document3 pages
Stereolithography: 3D Printing Layer by Layer
Ionuț Stănculea
No ratings yet
Juan Sumulong High School: English For Academic Purposes
Document59 pages
Juan Sumulong High School: English For Academic Purposes
peter vander
No ratings yet
Nanotech Uses and Concerns
Document10 pages
Nanotech Uses and Concerns
JUHANA MACARIMBANG
100% (1)
03 CNN
Document33 pages
03 CNN
aldi afrizal
No ratings yet
Artificial Intelligence (AI) : Amina Irizarry-Nones Anjali Palepu Merrick Wallace
Document14 pages
Artificial Intelligence (AI) : Amina Irizarry-Nones Anjali Palepu Merrick Wallace
Irfan Ahmed
No ratings yet
Exam Questions About Additive Manufacturing
Document2 pages
Exam Questions About Additive Manufacturing
oussama
No ratings yet
Ai 120201184
Document7 pages
Ai 120201184
Aser Dada
No ratings yet
Mindstorms Ev3 Parts
Document1 page
Mindstorms Ev3 Parts
Schiller Viktor
No ratings yet
Deep Learning Approach For Object Detection Using CNN: Abstract
Document7 pages
Deep Learning Approach For Object Detection Using CNN: Abstract
AYUSH MISHRA
No ratings yet
SBT1307 Nanotechnology Nanotechnology
Document24 pages
SBT1307 Nanotechnology Nanotechnology
THAMARAI PACKIYAM
No ratings yet
55 M.Tech - Nano Technology
Document11 pages
55 M.Tech - Nano Technology
Muraleetharan_B
No ratings yet
Experiment No 6
Document7 pages
Experiment No 6
Tasty Food
No ratings yet
W1M1-Intro To ML
Document19 pages
W1M1-Intro To ML
2480054
No ratings yet
Conflict of Interest List CIRM Directors Quest Awards June 2017
Document2 pages
Conflict of Interest List CIRM Directors Quest Awards June 2017
California Stem Cell Report
No ratings yet