An analysis of adversarial algorithm techniques in image recognition and their countermeasures

Bibliographic Details
Main Author: Tan, Alastair Song Xin
Other Authors: Kong Wai-Kin Adams
Format: Final Year Project
Language: English
Published: Nanyang Technological University 2021
Online Access: https://hdl.handle.net/10356/153433
Institution: Nanyang Technological University
Description
Summary: The ability of neural network models to generalise and identify unseen data allows neural networks to operate outside of what they have been trained on, but makes them vulnerable to data samples altered in human-imperceptible ways to produce incorrect predictions. This project aims to experimentally test some adversarial algorithms used to fool neural networks, and to examine some defensive techniques used to mitigate or prevent such attacks. The MNIST digit dataset, TensorFlow and the CleverHans library were used to collect the required results, and it was identified that dropping out neurons and adversarial training not only provided some level of protection against basic adversarial attacks, but also improved a model's capability to generalise and identify unseen, non-adversarial samples.