Item request has been placed! ×
Item request cannot be made. ×
loading  Processing Request

Analysis of dominant classes in universal adversarial perturbations

Item request has been placed! ×
Item request cannot be made. ×
loading   Processing Request
اقرأ على الانترنت اقرأ أكثر حفظ في قائمتي
  • نوع التسجيلة:
    Electronic Resource
  • الدخول الالكتروني :
    http://hdl.handle.net/10810/61570
    https://www.sciencedirect.com/science/article/pii/S0950705121009643
    1872-7409
    0950-7051
    https://www.sciencedirect.com/science/article/pii/S0950705121009643
    info:eu-repo/grantAgreement/MINECO/TIN2016-78365-R
    info:eu-repo/grantAgreement/MICINN/PID2019-104966GB-I00
    info:eu-repo/grantAgreement/MICIU/SEV-2017-0718
  • معلومة اضافية
    • Publisher Information:
      Elsevier 2022-01
    • Added Details:
      Ciencia de la computación e inteligencia artificial
      Konputazio zientziak eta adimen artifiziala
      Vadillo Jueguen, Jon
      Santana Hermida, Roberto
      Lozano Alonso, José Antonio
    • نبذة مختصرة :
      The reasons why Deep Neural Networks are susceptible to being fooled by adversarial examples remains an open discussion. Indeed, many different strategies can be employed to efficiently generate adversarial attacks, some of them relying on different theoretical justifications. Among these strategies, universal (input-agnostic) perturbations are of particular interest, due to their capability to fool a network independently of the input in which the perturbation is applied. In this work, we investigate an intriguing phenomenon of universal perturbations, which has been reported previously in the literature, yet without a proven justification: universal perturbations change the predicted classes for most inputs into one particular (dominant) class, even if this behavior is not specified during the creation of the perturbation. In order to justify the cause of this phenomenon, we propose a number of hypotheses and experimentally test them using a speech command classification problem in the audio domain as a testbed. Our analyses reveal interesting properties of universal perturbations, suggest new methods to generate such attacks and provide an explanation of dominant classes, under both a geometric and a data-feature perspective.
    • الموضوع:
      adversarial examples; universal adversarial perturbations; deep neural networks; robust speech classification; info:eu-repo/semantics/article
    • Note:
      This work is supported by the Basque Government, Spain (BERC 2018–2021 program, project KK-2020/00049 through the ELKARTEK program, IT1244-19, and PRE_2019_1_0128 predoctoral grant), by the Spanish Ministry of Economy and Competitiveness MINECO, Spain (projects TIN2016-78365-R and PID2019-104966GB-I00) and by the Spanish Ministry of Science, Innovation and Universities, Spain (FPU19/03231 predoctoral grant). Jose A. Lozano acknowledges support by the Spanish Ministry of Science, Innovation and Universities, Spain through BCAM Severo Ochoa accreditation (SEV-2017-0718).
      English
    • Other Numbers:
      ESUPV oai:addi.ehu.eus:10810/61570
      1390906012
    • Contributing Source:
      REPOSITORIO DE LA UNIVERSIDAD DEL PAIS
      From OAIster®, provided by the OCLC Cooperative.
    • الرقم المعرف:
      edsoai.on1390906012
HoldingsOnline