Hardening against adversarial examples with the smooth gradient method

Commonly used methods in deep learning do not utilise transformations of the residual gradient available at the inputs to update the representation in the dataset. It has been shown that this residual gradient, which can be interpreted as the first-order gradient of the input sensitivity at a partic...

Full description

Saved in:
Bibliographic Details
Published in:Soft computing (Berlin, Germany) Germany), 2018-05, Vol.22 (10), p.3203-3213
Main Authors: Mosca, Alan, Magoulas, George D.
Format: Article
Language:English
Subjects:
Artificial Intelligence
Back propagation
Computational Intelligence
Control
Deep learning
Engineering
Focus
Mathematical Logic and Foundations
Mechatronics
Neural networks
Propagation
Robotics
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Commonly used methods in deep learning do not utilise transformations of the residual gradient available at the inputs to update the representation in the dataset. It has been shown that this residual gradient, which can be interpreted as the first-order gradient of the input sensitivity at a particular point, may be used to improve generalisation in feed-forward neural networks, including fully connected and convolutional layers. We explore how these input gradients are related to input perturbations used to generate adversarial examples and how the networks that are trained with this technique are more robust to attacks generated with the fast gradient sign method.
ISSN:1432-7643
1433-7479
DOI:10.1007/s00500-017-2998-4