Scribd Logo
Upload

Welcome to Scribd!

  • Generative Adversarial Networks (GANs)

    Uploaded by

    48 Kartik Bhasin
    3 views37 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3 views37 pages

    Generative Adversarial Networks (GANs)

    Uploaded by

    48 Kartik Bhasin

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 37

    Generative Adversarial

    Networks (GANs)
    What Are Generative Adversarial Networks?

    • Generative Adversarial Networks (GANs) are a powerful class of neural


    networks that are used for unsupervised learning and Artificial Intelligence.
    • The goal of generative modeling is to autonomously identify patterns in input
    data, enabling the model to produce new examples that feasibly resemble the
    original dataset.
    • GANs are made up of two neural networks, a discriminator and a generator.
    They use adversarial training to produce artificial data that is identical to
    actual data.
    • The Generator attempts to fool the Discriminator, which is tasked with
    accurately distinguishing between produced and genuine data, by producing
    random noise samples.
    • Realistic, high-quality samples are produced as a result of this competitive
    interaction, which drives both networks towards advancement.
    Architecture

    Generator Model
    • A key element responsible for creating fresh, accurate data in a Generative
    Adversarial Network (GAN) is the generator model.
    • The generator takes random noise as input and converts it into complex data
    samples, such text or images.
    • The generator adjusts its output to produce samples that closely mimic real
    data as it is being trained by using backpropagation to fine-tune its parameters.
    • The generator’s ability to generate high-quality, varied samples that can fool
    the discriminator is what makes it successful.
    Architecture
    Discriminator Model
    • An artificial neural network called a discriminator model is used in Generative Adversarial
    Networks (GANs) to differentiate between generated and actual input. By evaluating
    input samples and allocating probability of authenticity, the discriminator functions as a
    binary classifier.
    • Over time, the discriminator learns to differentiate between genuine data from the
    dataset and artificial samples created by the generator.
    • This allows it to progressively hone its parameters and increase its level of proficiency.
    Convolutional layers or pertinent structures for other modalities are usually used in its
    architecture when dealing with picture data.
    • The discriminator grows increasingly discriminating as a result of the generator and
    discriminator’s interaction, which helps the GAN produce extremely realistic-looking
    synthetic data overall.
    ALGORITHMic IMPLEmentation
    Full Code implementation on Google Colab: CLICK HERE
    Different Types of GAN Models

    • Self Attention GAN (SAGAN)


    • Vanilla GAN
    • Conditional GAN (CGAN)
    • Deep Convolutional GAN (DCGAN)
    • Laplacian Pyramid GAN (LAPGAN)
    • Super Resolution GAN (SRGAN)
    What challenges do GANs face?

    MODE COLLAPSE
    • Mode collapse happens when the generator focuses on producing a limited set
    of data patterns that deceive the discriminator.
    • It becomes fixated on a few dominant modes in the training data and fails to
    capture the full diversity of the data distribution.
    TRAINING INSTABILITY
    • Several factors contribute to the instability of GAN training, including:
    Vanishing gradients: The discriminator may become too powerful, leading to
    vanishing gradients for the generator. This issue hampers the generator's
    ability to learn and update its parameters effectively.
    Applications

    GANs can be used to solve problems related to:


    • Image Synthesis and Generation
    • Image-to-Image Translation
    • Text-to-Image Synthesis
    • Data Augmentation
    • Data Generation for Training
    WAYS TO IMPROVE GANs
    Learning Rate Scheduling

    • Implement learning rate scheduling for the optimizers. This can help
    stabilize training and achieve better convergence.
    Weight Initialization

    • Use a better weight initialization strategy.


    • For example- Initializing the weights with a normal distribution (e.g.,
    nn.init.normal_) can sometimes help with convergence.
    Architecture Tweaks

    • Experiment with deeper or wider architectures for both the generator and
    discriminator.
    • Consider using transposed convolutions (nn.ConvTranspose2d) in the
    generator instead of upsampling followed by convolutions.
    Spectral Normalization
    • Spectral Normalization is a weight normalization technique that scales the
    weights in a neural network layer by the largest singular value (also known as
    the spectral norm) of the weight matrix.
    • Spectral normalization to the discriminator's convolutional layers can help
    stabilize training and prevent mode collapse.
    Loss Function Modification

    • Explore alternative loss functions, such as Wasserstein loss, cross entropy,


    etc, in combination with gradient penalties.
    Pros and Cons
    ADVANTAGES:
    • Synthetic data generation
    • High-quality results
    • Unsupervised learning
    • Versatility
    LIMITATIONS:
    • Overfitting
    • Computational cost
    • Bias and Fairness
    • Training instability
    • It is a challenging task to ensure accountability, transparency and fairness in their
    applications.
    MalGAN
    "Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN"
    INTRODUCTION

    • MalGAN is capable of producing adversarial malware examples to evade


    black-box machine learning-based malware detection systems.
    • The authors highlight the vulnerability of machine learning algorithms to
    intentional attacks and the motivation of malware authors to bypass
    detection systems.
    • They emphasize the limitations of traditional gradient-based adversarial
    example generation algorithms and propose MalGAN as a more effective
    solution.
    ARCHITECTURE
    BLACK-BOX DETECTOR

    • The black-box detector is an external system which adopts machine learning


    based malware detection algorithms.
    • We assume that the only thing malware authors know about the black-box
    detector is what kind of features it uses.
    • Malware authors do not know what machine learning algorithm it uses and do
    not have access to the parameters of the trained model.
    • Malware authors are able to get the detection results of their programs from
    the black-box detector.
    WORKING

    • MalGAN leverages a substitute detector to fit the black-box malware detection system
    and uses a generative network to minimize the malicious probabilities predicted by the
    substitute detector.
    • The authors conducted experiments using a dataset of 180,000 programs and
    demonstrated that MalGAN is successful in generating adversarial examples that
    significantly reduce the detection rate to nearly zero.
    • They also compared the performance of MalGAN with a gradient-based algorithm and
    found that MalGAN outperforms the gradient-based approach by achieving nearly
    zero true positive rates on both training and test sets.
    Training Procedure

    • BBBenign is the set of programs that are recognized as benign by the black-box
    detector, and BBMalware is the set of programs that are detected as malware
    by the black-box detector.
    • To train the substitute detector, LD should be minimized with respect to the
    weights of the substitute detector.
    • The loss function of the generator is defined in Formula 3.
    Training Algorithm
    Impact of retraining the black-box detector
    on the effectiveness of MalGAN
    • The impact of retraining the black-box detector on the effectiveness of MalGAN is
    significant. The document highlights that when the black-box detector is retrained on
    adversarial examples generated by MalGAN, it is able to detect all adversarial examples,
    resulting in a true positive rate (TPR) of close to 100% on both the training and test sets.
    • However, once the updated black-box detector is released publicly, malware authors can
    retrain MalGAN to attack the new black-box detector.
    • This dynamic adversarial process allows the black-box detector to hardly detect any
    malware again, as the TPR can be reduced from 100% to 0% within one epoch during
    retraining MalGAN.
    More from the MalGAN research paper...

    • Furthermore, the document emphasizes that the process of retraining the black-box
    detector is time-consuming, as antivirus vendors need to collect enough adversarial
    examples, label them, and retrain the detector.
    • This provides adversarial malware examples with enough time to propagate before the
    black-box detector is retrained and updated.
    • Once the black-box detector is updated, malware authors can immediately retrain
    MalGAN, and the experiments showed that retraining takes much less time than the initial
    training.
    Limitations of MalGAN

    • Mode Collapse
    • Training Instability
    • Evaluation Metrics
    • Hyperparameter Sensitivity
    • Limited Understanding of Latent Space
    • Training Time and Resources
    • Sensitive to Initialization
    • Ethical Concerns
    SAGAN
    Self-Attention Generative Adversarial Networks
    Why do we need SAGAN?

    • SAGAN is important because it represents a major step forward in the field of


    image generation.
    • Its attention mechanism allows for more fine-grained control over the
    generation process, resulting in images that are higher in quality and more
    realistic than those produced by traditional GANs.
    • Additionally, SAGAN can generate higher-resolution images than other GANs,
    making it ideal for tasks such as super-resolution and texture synthesis.
    What does Self Attention mean?

    • In the context of SAGAN (Self-Attention Generative Adversarial


    Network), "self-attention" refers to a mechanism that allows the network
    to focus on different parts of the input sequence when generating the
    output.
    • This attention mechanism helps the network capture long-range
    dependencies and relationships between different elements in the input.
    SAGAN: Attention mechanism and Architecture
    Input Representation:
    • The input to the attention mechanism is a set of feature maps or vectors obtained from the previous layer in
    the neural network.
    Key, Query, and Value Computation:
    • Each input feature vector is linearly transformed into three vectors: Key (K), Query (Q), and Value (V). These
    transformations are learned during the training process.
    Dot-Product Attention:
    • For each position in the input, the attention score with respect to other positions is computed by taking the
    dot product of the Query vector at that position with the Key vectors at all positions. This represents how
    much focus should be given to other positions when considering the current position.
    Scaled Attention Scores:
    • The dot products are scaled by the square root of the dimension of the Key vectors. This scaling is
    introduced to prevent the gradients from becoming too small during backpropagation.
    Softmax and Weighted Sum:
    • The scaled attention scores are passed through a softmax function to obtain normalized attention weights.
    These weights determine how much each position contributes to the final attention.
    Output:
    • The output of the attention mechanism is a set of context-aware feature vectors, where each vector has
    SAGAN Architecture
    SAGAN: Training Algorithm
    APPLICATIONS
    • Image Generation
    • Data Augmentation
    • Style Transfer
    • Image-to-Image Translation
    • Super-Resolution
    • Anomaly Detection
    • Drug Discovery
    • Face Aging and Deaging
    • Virtual Reality (VR) and Gaming
    • Art and Creativity
    CURRENT CHALLENGES AND FUTURE DIRECTIONS

    • Training Stability and Convergence


    • Memory and Computational Requirements
    • Interpretability and Control
    • Evaluation Metrics and Benchmarking
    • Ethical Considerations and Bias
    • Real-Time Applications and Efficiency
    • Hybrid Models and Multimodal Generation.
    • Addressing Mode Collapse and Image Artifacts
    • Dynamic Adaptation to Input Variability
    • Handling Large-Scale and Unstructured Data
    CONCLUSION

    • This research journey underscores the transformative impact of Generative Adversarial


    Networks (GANs) in the realm of generative modeling. The evolution from traditional GANs to
    specialized variants like MALGAN and SAGAN reflects the dynamic nature of this field.
    • In MALGAN, the impact of retraining the black-box detector on the effectiveness of MalGAN is
    that it leads to a dynamic adversarial process, making it difficult for machine learning-based
    malware detection algorithms to work effectively. This highlights the challenges faced by
    antivirus vendors in defending against adversarial attacks and the evolving nature of the
    adversarial process.
    • SAGAN, with its incorporation of self-attention mechanisms, has demonstrated advancements
    in capturing long-range dependencies and improving image coherence. Its versatility is evident
    in applications ranging from image synthesis to style transfer.
    • As the field progresses, challenges such as training stability and ethical considerations persist,
    prompting ongoing research efforts. Comparative studies between GAN variants, including
    MALGAN and SAGAN, offer valuable insights into their unique contributions.
    THANK YOU

    Made by:
    KARTIK BHASIN
    (RESEARCH INTERN AT SAG, DRDO)
    DTU (3rd Year)

    You might also like