Deep Learning can be easily fooled

On a post I wrote last year, I talked about the fact that Deep Neural Network could not label a changed image correctly (e.g. Recently, a related result is shown by researchers from University of Wyoming and Cornell University. They produced images completely unrecognizable to human eyes (as shown in the right picture) while DNN will still label them to be familiar objects (such as cheetah/peacock/baseball/…) with 99.99% confidence. Researchers used one of the best Deep Neural Networks, the "AlexNet" trained on the 1.3-million-image ILSVRC 2012 ImageNet dataset, to achieve state-of-the-art performance, and "LeNet" model trained on the MNIST dataset to test if the result holds for other DNN architectures. "AlexNet" and "LeNet" are both provided by the Caffe Software package.