perturbation
On the Robustness of Removal-Based Feature Attributions Chris Lin
In recent years, machine learning has shown great promise in a variety of real-world applications.
- Europe > Switzerland > Zürich > Zürich (0.14)
- North America > United States > California > Santa Clara County > Palo Alto (0.04)
- Europe > United Kingdom > England > Cambridgeshire > Cambridge (0.04)
- (3 more...)
Characterization of Overfitting in Robust Multiclass Classification
Nonetheless, modern machine learning is adaptive in its nature. Prior information about a model's performance on the test set inevitably influences
- North America > United States > Wisconsin > Dane County > Madison (0.04)
- North America > United States > New York (0.04)
- North America > United States > Maryland (0.04)
Training on Foveated Images Improves Robustness to Adversarial Attacks
Figure 1: R-Blur adds Gaussian noise to image (a) with the fixation point (red dot) to obtain (b).
- North America > United States > Pennsylvania > Allegheny County > Pittsburgh (0.04)
- North America > United States > Texas (0.04)
- North America > United States > California > Santa Clara County > San Jose (0.04)
- Information Technology > Security & Privacy (0.66)
- Health & Medicine > Therapeutic Area > Neurology (0.46)
Boosting Adversarial Transferability by Achieving Flat Local Maxima
Specifically, we randomly sample an example and adopt a first-order procedure to approximate the Hessian/vector product, which makes computing more efficient by interpolating two neighboring gradients.
- North America > United States > Washington > King County > Seattle (0.04)
- North America > Dominican Republic (0.04)
- Information Technology > Artificial Intelligence > Natural Language (1.00)
- Information Technology > Artificial Intelligence > Representation & Reasoning > Agents > Agent Societies (0.94)
- Information Technology > Artificial Intelligence > Machine Learning > Reinforcement Learning (0.74)
- Information Technology > Artificial Intelligence > Machine Learning > Neural Networks (0.68)
Eliminating Catastrophic Overfitting Via Abnormal Adversarial Examples Regularization
However, SSA T suffers from catastrophic overfit-ting (CO), a phenomenon that leads to a severely distorted classifier, making it vulnerable to multi-step adversarial attacks. In this work, we observe that some adversarial examples generated on the SSA T -trained network exhibit anomalous behaviour, that is, although these training samples are generated by the inner maximization process, their associated loss decreases instead, which we named abnormal adversarial examples (AAEs).
- Asia > Myanmar > Tanintharyi Region > Dawei (0.04)
- North America > Canada > British Columbia > Vancouver Island > Capital Regional District > Victoria (0.04)
Robust low-rank training via approximate orthonormal constraints
By modeling robustness in terms of the condition number of the neural network, we argue that this loss of robustness is due to the exploding singular values of the low-rank weight matrices.
- Europe > Italy > Abruzzo > L'Aquila Province > L'Aquila (0.04)
- Europe > Austria > Tyrol > Innsbruck (0.04)
- Asia > Middle East > Jordan (0.04)
- Europe > United Kingdom > England > Cambridgeshire > Cambridge (0.04)