论文标题
强大的CNN的前端两端
Polarizing Front Ends for Robust CNNs
论文作者
论文摘要
深神经网络对小型,对抗设计的扰动的脆弱性可以归因于其“过度线性”。在本文中,我们提出了一种自下而上的策略,用于使用非线性前端来减弱对抗性扰动,该前端对数据偏振和量化数据。我们观察到,理想的极化可以完全消除扰动,开发算法以学习数据的近似偏振碱,并研究提出的策略对MNIST和时尚MNIST数据集的有效性。
The vulnerability of deep neural networks to small, adversarially designed perturbations can be attributed to their "excessive linearity." In this paper, we propose a bottom-up strategy for attenuating adversarial perturbations using a nonlinear front end which polarizes and quantizes the data. We observe that ideal polarization can be utilized to completely eliminate perturbations, develop algorithms to learn approximately polarizing bases for data, and investigate the effectiveness of the proposed strategy on the MNIST and Fashion MNIST datasets.
