Adversarial robustness in deep learning: attacks on fragile neurons

Pravin, C., Martino, I., Nicosia, G. and Ojha, V. ORCID: https://orcid.org/0000-0002-9256-1192 (2021) Adversarial robustness in deep learning: attacks on fragile neurons. In: 30th International Conference on Artificial Neural Networks, September 14-17, 2021, Bratislava, Slovakia (Online), pp. 16-28. doi: 10.1007/978-3-030-86362-3_2

Abstract/Summary

We identify fragile and robust neurons of deep learning architectures using nodal dropouts of the first convolutional layer. Using an adversarial targeting algorithm, we correlate these neurons with the distribution of adversarial attacks on the network. Adversarial robustness of neural networks has gained significant attention in recent times and highlights intrinsic weaknesses of deep learning networks against carefully constructed distortion applied to input images. In this paper, we evaluate the robustness of state-of-the-art image classification models trained on the MNIST and CIFAR10 datasets against the fast gradient sign method attack, a simple yet effective method of deceiving neural networks. Our method identifies the specific neurons of a network that are most affected by the adversarial attack being applied. We, therefore, propose to make fragile neurons more robust against these attacks by compressing features within robust neurons and amplifying the fragile neurons proportionally.

Item Type	Conference or Workshop Item (Paper)
URI	https://reading-clone.eprints-hosting.org/id/eprint/99457
Item Type	Conference or Workshop Item
Refereed	Yes
Divisions	Interdisciplinary Research Centres (IDRCs) > Centre for the Mathematics of Planet Earth (CMPE) Science > School of Mathematical, Physical and Computational Sciences > Department of Computer Science
Download/View statistics	View download statistics for this item