
BatchOut: Batch-level feature augmentation to improve robustness to adversarial examples

Subramanya, A and Mopuri, KR and Babu, RV (2018) BatchOut: Batch-level feature augmentation to improve robustness to adversarial examples. In: 11th Indian Conference on Computer Vision, Graphics and Image Processing, ICVGIP 2018, 18-22 December 2018, International Institute of Information Technology Hyderabad.

Official URL: https://dx.doi.org/10.1145/3293353.3293387

Abstract

Machine Learning models are known to be susceptible to small but structured changes to their inputs that can result in wrong inferences. It has been shown that such samples, called adversarial samples, can be created rather easily for standard neural network architectures. These adversarial samples pose a serious threat for deploying state-of-the-art deep neural network models in the real world. We propose a feature augmentation technique called BatchOut to learn robust models towards such examples. The proposed approach is a generic feature augmentation technique that is not specific to any adversary and handles multiple attacks. We evaluate our algorithm on benchmark datasets and architectures to show that models trained using our method are less susceptible to adversaries created using multiple methods. © 2018 ACM.

Item Type: Conference Paper
Publication: ACM International Conference Proceeding Series
Publisher: Association for Computing Machinery
Additional Information: Cited by 0; Conference of 11th Indian Conference on Computer Vision, Graphics and Image Processing, ICVGIP 2018; Conference Date: 18 December 2018 through 22 December 2018; Conference Code: 165785
Keywords: Computer vision; Deep neural networks; Network architecture, Augmentation techniques; Benchmark datasets; Generic features; Machine learning models; Multiple methods; Neural network model; Standard neural; State of the art, Neural networks
Department/Centre: Division of Interdisciplinary Sciences > Computational and Data Sciences
Date Deposited: 11 Jan 2021 11:17
Last Modified: 11 Jan 2021 11:17
URI: http://eprints.iisc.ac.in/id/eprint/67651
