Measuring Adversarial Robustness using a Voronoi-Epsilon Adversary
Authors
Abstract
Previous studies on robustness have argued that there is a tradeoff between accuracy and adversarial accuracy. The can be inevitable even when we neglect generalization. We argue the inherent to commonly used definition of accuracy, which uses an adversary construct points constrained by $\epsilon$-balls around data points. As $\epsilon$ gets large, may use real from other classes as examples. propose Voronoi-epsilon both Voronoi cells $\epsilon$-balls. This balances two notions perturbation. result, based this avoids training large. Finally, show nearest neighbor classifier maximally robust against proposed data.
Similar resources
Voronoi Games and Epsilon Nets
Competitive facility location is concerned with the strategic placement of facilities by competing market players. In the Discrete Voronoi Game V G(k, l), two players P1 and P2, respectively, strive to attract as many of n users as possible. Initially, P1 first chooses a set F of k locations in the plane to place its facilities. Then, P2 chooses a set S of l locations in the plane to place its ...
Deep Adversarial Robustness
Deep learning has recently contributed to learning state-of-the-art representations in service of various image recognition tasks. Deep learning uses cascades of many layers of nonlinear processing units for feature extraction and transformation. Recently, researchers have shown that deep learning architectures are particularly vulnerable to adversarial examples, inputs to machine learning mode...
Know Your Adversary: Insights for a Better Adversarial Behavioral Model
Given the global challenges of security, both in physical and cyber worlds, security agencies must optimize the use of their limited resources. To that end, many security agencies have begun to use "security game" algorithms, which optimally plan defender allocations, using models of adversary behavior that have originated in behavioral game theory. To advance our understanding of adversary beh...
Adversarial Robustness: Softmax versus Openmax
Deep neural networks (DNNs) provide state-of-the-art results on various tasks and are widely used in real world applications. However, it was discovered that machine learning models, including the best performing DNNs, suffer from a fundamental problem: they can unexpectedly and confidently misclassify examples formed by slightly perturbing otherwise correctly recognized inputs. Various approac...
Improving DNN Robustness to Adversarial Attacks using Jacobian Regularization
Deep neural networks have lately shown tremendous performance in various applications including vision and speech processing tasks. However, alongside their ability to perform these tasks with such high accuracy, it has been shown that they are highly susceptible to adversarial attacks: a small change of the input would cause the network to err with high confidence. This phenomenon exposes an i...
Journal
Journal title: Proceedings of the Northern Lights Deep Learning Workshop
Year: 2023
ISSN: 2703-6928
DOI: https://doi.org/10.7557/18.6827