Investigating the causes of the vulnerability of CNNs to adversarial perturbations: learning objective, model components, and learned representations
This work focuses on understanding how adversarial perturbations can disrupt the behavior of Convolutional Neural Networks (CNNs). Here, it is hypothesized that some components may be more vulnerable than others, unlike other research that considers a model vulnerable as a whole. Identifying model-s...
Main Author: | |
---|---|
Other Authors: | |
Format: | Thesis-Master by Research |
Language: | English |
Published: | Nanyang Technological University, 2023 |
Subjects: | |
Online Access: | https://hdl.handle.net/10356/171336 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-171336 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-1713362023-11-02T02:20:48Z Investigating the causes of the vulnerability of CNNs to adversarial perturbations: learning objective, model components, and learned representations Coppola, Davide Guan Cuntai School of Computer Science and Engineering Agency for Science, Technology and Research ( A*STAR) CTGuan@ntu.edu.sg Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence This work focuses on understanding how adversarial perturbations can disrupt the behavior of Convolutional Neural Networks (CNNs). Here, it is hypothesized that some components may be more vulnerable than others, unlike other research that considers a model vulnerable as a whole. Identifying model-specific vulnerabilities can help develop ad hoc defense mechanisms to effectively patch trained models without having to retrain them. For this purpose, analytical frameworks have been developed to serve two purposes: 1) to diagnose trained models and reveal model-specific vulnerabilities; and 2) to understand how the learned hidden representations of a CNN are affected by adversarial perturbations. Empirical results verified that the shallow layers play a major role in the vulnerability of the entire model. Furthermore, it was found that a few channels in the shallow layers are significantly more vulnerable than others in the same layers, highlighting them as the main causes of a model’s weakness to adversarial perturbations. Master of Engineering 2023-10-19T05:15:00Z 2023-10-19T05:15:00Z 2023 Thesis-Master by Research Coppola, D. (2023). Investigating the causes of the vulnerability of CNNs to adversarial perturbations: learning objective, model components, and learned representations. Master's thesis, Nanyang Technological University, Singapore. 
https://hdl.handle.net/10356/171336 https://hdl.handle.net/10356/171336 10.32657/10356/171336 en This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License (CC BY-NC 4.0). application/pdf Nanyang Technological University |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence |
description |
This work focuses on understanding how adversarial perturbations can disrupt the behavior of Convolutional Neural Networks (CNNs). Here, it is hypothesized that some components may be more vulnerable than others, unlike other research that considers a model vulnerable as a whole. Identifying model-specific vulnerabilities can help develop ad hoc defense mechanisms to effectively patch trained models without having to retrain them. For this purpose, analytical frameworks have been developed to serve two purposes: 1) to diagnose trained models and reveal model-specific vulnerabilities; and 2) to understand how the learned hidden representations of a CNN are affected by adversarial perturbations. Empirical results verified that the shallow layers play a major role in the vulnerability of the entire model. Furthermore, it was found that a few channels in the shallow layers are significantly more vulnerable than others in the same layers, highlighting them as the main causes of a model’s weakness to adversarial perturbations. |
author2 |
Guan Cuntai |
author_facet |
Guan Cuntai Coppola, Davide |
format |
Thesis-Master by Research |
author |
Coppola, Davide |
author_sort |
Coppola, Davide |
title |
Investigating the causes of the vulnerability of CNNs to adversarial perturbations: learning objective, model components, and learned representations |
publisher |
Nanyang Technological University |
publishDate |
2023 |
url |
https://hdl.handle.net/10356/171336 |
_version_ |
1781793683349176320 |