Inspecting adversarial examples using the Fisher information

Cited by: 11
Authors
Martin, Joerg [1]
Elster, Clemens [2]
Affiliations
[1] Phys Tech Bundesanstalt, Data Anal Grp, Abbestr 2, D-10587 Berlin, Germany
[2] Phys Tech Bundesanstalt, Abbestr 2, D-10587 Berlin, Germany
Keywords
Deep Learning; Adversarial Examples; Fisher information; Explainability; MODELS;
DOI
10.1016/j.neucom.2019.11.052
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Adversarial examples are constructed by slightly perturbing a correctly processed input to a trained neural network such that the network produces an incorrect result. This work proposes the usage of the Fisher information for the detection of such adversarial attacks. We discuss various quantities whose computation scales well with the network size, study their behavior on adversarial examples and show how they can highlight the importance of single input neurons, thereby providing a visual tool for further analyzing the behavior of a neural network. The potential of our methods is demonstrated by applications to the MNIST, CIFAR10 and Fruits-360 datasets and through comparison to concurring methods. (C) 2019 Elsevier B.V. All rights reserved.
Pages: 80 - 86
Number of pages: 7
Related papers
50 in total
  • [1] Information Security Meets Adversarial Examples
    Kirchner, Matthias
    Pasquini, Cecilia
    Shumailov, Ilia
    2019 IEEE INTERNATIONAL WORKSHOP ON INFORMATION FORENSICS AND SECURITY (WIFS), 2019,
  • [2] The Adversarial Attack and Detection under the Fisher Information Metric
    Zhao, Chenxiao
    Fletcher, P. Thomas
    Yu, Mixue
    Peng, Yaxin
    Zhang, Guixu
    Shen, Chaomin
    THIRTY-THIRD AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE / THIRTY-FIRST INNOVATIVE APPLICATIONS OF ARTIFICIAL INTELLIGENCE CONFERENCE / NINTH AAAI SYMPOSIUM ON EDUCATIONAL ADVANCES IN ARTIFICIAL INTELLIGENCE, 2019, : 5869 - 5876
  • [3] Exploring adversarial examples and adversarial robustness of convolutional neural networks by mutual information
    Zhang J.
    Qian W.
    Cao J.
    Xu D.
    Neural Computing and Applications, 2024, 36 (23) : 14379 - 14394
  • [4] Purifying Adversarial Examples Using an Autoencoder
    van Weezel, Thijs
    van Ree, Famke
    Bos, Tychon
    Bastiaanssen, Patrick
    Hess, Sibylle
    DISCOVERY SCIENCE, DS 2024, PT II, 2025, 15244 : 134 - 148
  • [5] Leveraging Adversarial Examples to Quantify Membership Information Leakage
    Del Grosso, Ganesh
    Jalalzai, Hamid
    Pichler, Georg
    Palamidessi, Catuscia
    Piantanida, Pablo
    2022 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2022, : 10389 - 10399
  • [6] Detecting Adversarial Examples Using Surrogate Models
    Feldsar, Borna
    Mayer, Rudolf
    Rauber, Andreas
    MACHINE LEARNING AND KNOWLEDGE EXTRACTION, 2023, 5 (04): : 1796 - 1825
  • [7] Enhancing Adversarial Examples on Deep Q Networks with Previous Information
    Sooksatra, Korn
    Rivas, Pablo
    2021 IEEE SYMPOSIUM SERIES ON COMPUTATIONAL INTELLIGENCE (IEEE SSCI 2021), 2021,
  • [8] Detecting Adversarial Examples Using Data Manifolds
    Jha, Susmit
    Jang, Uyeong
    Jha, Somesh
    Jalaian, Brian
    2018 IEEE MILITARY COMMUNICATIONS CONFERENCE (MILCOM 2018), 2018, : 547 - 552
  • [9] Using Adversarial Examples in Natural Language Processing
    Belohlavek, Petr
    Platek, Ondrej
    Zabokrtsky, Zdenek
    Straka, Milan
    PROCEEDINGS OF THE ELEVENTH INTERNATIONAL CONFERENCE ON LANGUAGE RESOURCES AND EVALUATION (LREC 2018), 2018, : 3693 - 3700
  • [10] On Generation of Adversarial Examples using Convex Programming
    Balda, Emilio Rafael
    Behboodi, Arash
    Mathar, Rudolf
    2018 CONFERENCE RECORD OF 52ND ASILOMAR CONFERENCE ON SIGNALS, SYSTEMS, AND COMPUTERS, 2018, : 60 - 65