Anthill Inside 2017

On theory and concepts in Machine Learning, Deep Learning and Artificial Intelligence. Formerly Deep Learning Conf.

Konda Reddy Mopuri

@mkreddy

Adversarial attacks on deep learning models

Submitted Jun 10, 2017

Recent research efforts show that deep learning models are vulnerable to small but structured perturbations. This quasi-imperceptible noise can fool state-of-the-art deep models (e.g. object recognition CNNs) into making wrong predictions. This noise is referred to as an adversarial perturbation. It has been shown that a perturbation computed for one network is able to fool a different network trained with a different architecture or on a different subset of the training data. The transferability of these adversarial perturbations across multiple networks is a serious issue for deploying the models. In my talk, I would introduce the concept of adversarial images/attacks and discuss recent developments in this area. Takeaways from my talk would be: (i) an understanding of a fundamental problem (the existence of adversarial perturbations) that exists with today's deep learning, (ii) some of the existing approaches to craft adversarial attacks, and (iii) the most efficient techniques to date for defending deep learned models against them. This would be very relevant to everybody who wants to train or deploy a deep network (e.g. for object recognition, semantic segmentation, etc.).
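As an added illustration of the phenomena described above (my own toy code, not the speaker's or the talk's), the following pure-Python snippet trains two logistic-regression classifiers on disjoint subsets of a constructed 2-D dataset, crafts a bounded (L-infinity, size eps) gradient-sign perturbation against one of them, and lets you measure how much it degrades the other (the transfer case); it also includes the exact margin check that, for a linear model, certifies which predictions cannot be flipped within that budget. All names, the grid data and eps are my own assumptions; the transfer is exact here because both linear models learn the same boundary direction, which is the intuition behind transfer between larger networks as well.

```python
import math

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def dot(w, x):
    return w[0] * x[0] + w[1] * x[1]

def make_data(parity):
    # Constructed 2-D grid labelled by the sign of x1 + x2; parities 0 and 1
    # give disjoint subsets, so the two models share no training point.
    return [((i / 5.0, j / 5.0), 1 if i + j > 0 else 0)
            for i in range(-5, 6) for j in range(-5, 6)
            if i + j != 0 and (i + j) % 2 == parity]

def train(data, epochs=500, lr=1.0):
    # Logistic regression fitted by full-batch gradient descent.
    w, b, n = [0.0, 0.0], 0.0, len(data)
    for _ in range(epochs):
        gw, gb = [0.0, 0.0], 0.0
        for x, y in data:
            err = sigmoid(dot(w, x) + b) - y
            gw[0] += err * x[0]; gw[1] += err * x[1]; gb += err
        w = [w[0] - lr * gw[0] / n, w[1] - lr * gw[1] / n]
        b -= lr * gb / n
    return w, b

def predict(model, x):
    return 1 if dot(model[0], x) + model[1] > 0 else 0

def perturb(model, x, y, eps):
    # Gradient-sign step of size eps inside the L-inf ball, pushed away from
    # the true label y. For a linear model the input gradient is w itself,
    # so this single step is the exact worst case within the ball.
    sgn = 1 if y == 0 else -1
    return tuple(xi + sgn * eps * (1 if wi > 0 else -1)
                 for xi, wi in zip(x, model[0]))

def accuracy(model, data, eps=0.0, source=None):
    # Accuracy on clean inputs (eps=0) or on inputs perturbed against
    # `source`; passing a different model is the transfer scenario.
    src = source or model
    hits = sum(predict(model, perturb(src, x, y, eps) if eps else x) == y
               for x, y in data)
    return hits / len(data)

def certified(model, x, eps):
    # Exact robustness check for a linear model: no L-inf perturbation of
    # size eps can change the prediction iff |w.x + b| > eps * ||w||_1.
    w, b = model
    return abs(dot(w, x) + b) > eps * (abs(w[0]) + abs(w[1]))
```

With eps = 0.25 both models score 100% on clean data but lose every point whose margin is smaller than the perturbation budget, and the perturbation crafted against the first model hurts the second exactly as much; the certified() check is the deployment-time test a practitioner would use to flag predictions that lie within that fragile band.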

Outline

Introduction (~10 mins): I will talk about what adversarial images are, explain why they are a serious issue, and argue that it is an important and worthwhile exercise to study them.
Adversarial attacks (~15 mins): I will introduce some of the seminal works that revealed this intriguing property of current deep learning models.
Techniques to defend (~10 mins): This part of the talk is dedicated to discussing some of the most effective defence techniques to date against these attacks.
Interaction (~5 mins): Q&A

Speaker bio

Konda Reddy Mopuri is currently a PhD student at the Department of Computational and Data Sciences, Indian Institute of Science (IISc), Bangalore. He obtained a master's degree from the Indian Institute of Technology Kharagpur in Visual Information Processing and Embedded Systems. Before he joined IISc for a PhD, he worked at Samsung India for one year. His research interest is applying deep learning techniques to solve various computer vision problems. Lately, he has been working towards learning and understanding deep learned visual representations. (weblink: https://sites.google.com/site/kreddymopuri/)

Slides

https://drive.google.com/file/d/0B03bwxgziaQyUS12aGdjZG9Tb3c/view?usp=sharing

Hosted by

Anthill Inside is a forum for conversations about risk mitigation and governance in Artificial Intelligence and Deep Learning. AI developers, researchers, startup founders, ethicists, and AI enthusiasts are encouraged to: