Secure Machine Learning With Neural Networks: Mane Pooja (M190442EC)
1 Introduction
2 Literature Survey
3 Problem Definition
4 Work Done
5 Work Schedule
6 References
Introduction:
Motivation
Cause of Adversarial Attacks
Insufficient Regularisation.
Literature Survey:
2. Zhihao Zheng and Pengyu Hong (2018). “Robust Detection of Adversarial Attacks by Modeling the Intrinsic Properties of Deep Neural Networks”.
Resist Adversarial Attacks:
Methods to defend against adversarial attacks:
Adversarial Training as a Regularizer
I-Defender
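To make the first defence concrete, below is a minimal NumPy sketch of adversarial training as a regularizer, using a toy logistic-regression classifier as a stand-in for a neural network. The function name, the weights w, b, the step size eps, and the mixing weight alpha are all illustrative assumptions, not part of the original slides; the idea is simply that the training loss mixes the clean loss with the loss on an FGSM-perturbed copy of the input.

```python
import numpy as np

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))

def adv_training_loss(w, b, x, y, eps, alpha=0.5):
    """Adversarial-training objective for a toy logistic-regression model:
    a weighted sum of the clean binary cross-entropy loss and the loss on
    an FGSM perturbation of the same input (illustrative sketch)."""
    def bce(xi):
        # binary cross-entropy of the prediction on input xi
        p = np.clip(sigmoid(np.dot(w, xi) + b), 1e-9, 1 - 1e-9)
        return -(y * np.log(p) + (1 - y) * np.log(1 - p))

    # gradient of the loss w.r.t. the input for logistic regression
    grad_x = (sigmoid(np.dot(w, x) + b) - y) * w
    # FGSM inner step: move eps in the direction of the gradient's sign
    x_adv = x + eps * np.sign(grad_x)
    # regularized objective: clean loss plus adversarial loss
    return alpha * bce(x) + (1 - alpha) * bce(x_adv)

# toy usage: a 2-D input of class 1, perturbation budget eps = 0.4
w = np.array([2.0, -1.0])
b = 0.0
x = np.array([0.5, -0.5])
loss = adv_training_loss(w, b, x, y=1.0, eps=0.4)
```

Minimizing this combined loss pushes the model to classify both the clean and the perturbed inputs correctly, which is how adversarial training acts as a regularizer.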
Major Objectives:
1. To identify various adversarial attack methods against NN-based classification.
2. To find the sensitivity of various NN models to such attacks.
3. To devise proper training methods to resist these attacks.
4. To validate the improved resistance to attacks through experiments.
Work Done
Fast Gradient Sign Method (FGSM)
The fast gradient sign method uses the gradients of the neural network's loss with respect to the input to create an adversarial example: the input is nudged by a small step ε in the direction of the sign of that gradient,
x_adv = x + ε · sign(∇x J(θ, x, y)).
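The FGSM step above can be sketched in a few lines of NumPy. As a stand-in for the neural network, this sketch uses a toy logistic-regression classifier, for which the input gradient has a closed form; the function name and the values of w, b, x, and eps are illustrative assumptions, not from the original slides.

```python
import numpy as np

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))

def fgsm_perturb(x, y, w, b, eps):
    """Craft an FGSM adversarial example for a logistic-regression classifier.

    The gradient of the binary cross-entropy loss w.r.t. the input x is
    (sigmoid(w.x + b) - y) * w; FGSM adds eps * sign(gradient) to x.
    """
    grad_x = (sigmoid(np.dot(w, x) + b) - y) * w
    return x + eps * np.sign(grad_x)

# toy usage: a correctly classified class-1 input and its perturbation
w = np.array([2.0, -1.0])
b = 0.0
x = np.array([0.5, -0.5])          # score w.x + b = 1.5, predicted class 1
x_adv = fgsm_perturb(x, y=1.0, w=w, b=b, eps=0.4)
```

The perturbed input x_adv has a lower classification score than x, i.e. the attack moves the example toward the decision boundary; a larger eps can push it across.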
CIFAR10 dataset trained on CNN model
FGSM - CIFAR10
MNIST dataset trained on CNN model
FGSM - MNIST
FMNIST dataset trained on DNN model
FGSM - FMNIST
MNIST dataset trained on DNN model
FGSM - MNIST
Conclusions based on the above results:
Work Schedule
References
The End