ログイン
Language:

WEKO3

  • トップ
  • ランキング
To
lat lon distance
To

Field does not validate



インデックスリンク

インデックスツリー

メールアドレスを入力してください。

WEKO

One fine body…

WEKO

One fine body…

アイテム

  1. NIIテクニカル・レポート

NII Technical Report (NII-2016-005E):The Vulnerability of Learning to Adversarial Perturbation Increases with Intrinsic Dimensionality

https://doi.org/10.20736/0002000343
https://doi.org/10.20736/0002000343
58e9e162-96ca-41ad-8f8c-5600db608eb5
名前 / ファイル ライセンス アクション
16-005E.pdf NII Technical Report (NII-2016-005E):The Vulnerability of Learning to Adversarial Perturbation Increases with Intrinsic Dimensionality (1.9 MB)
アイテムタイプ レポート / Report(1)
公開日 2022-06-09
タイトル
タイトル NII Technical Report (NII-2016-005E):The Vulnerability of Learning to Adversarial Perturbation Increases with Intrinsic Dimensionality
言語 en
言語
言語 eng
キーワード
言語 ja
主題Scheme Other
主題 テクニカルレポート
キーワード
言語 en
主題Scheme Other
主題 Technical Report
資源タイプ
資源 http://purl.org/coar/resource_type/c_6501
タイプ departmental bulletin paper
ID登録
ID登録 10.20736/0002000343
ID登録タイプ JaLC
著者 Amsaleg, Laurent

× Amsaleg, Laurent

en Amsaleg, Laurent

Search repository
Bailey, James

× Bailey, James

en Bailey, James

Search repository
Erfani, Sarah

× Erfani, Sarah

en Erfani, Sarah

Search repository
Furon, Teddy

× Furon, Teddy

en Furon, Teddy

Search repository
Houle, Michael E.

× Houle, Michael E.

en Houle, Michael E.

Search repository
Radovanović, Miloš

× Radovanović, Miloš

en Radovanović, Miloš

Search repository
Vinh, Nguyen Xuan

× Vinh, Nguyen Xuan

en Vinh, Nguyen Xuan

Search repository
抄録
内容記述タイプ Abstract
内容記述 Recent research has shown that machine learning systems, including state-of-the-art deep neural networks, are vulnerable to adversarial attacks. By adding to the input object an imperceptible amount of adversarial noise, it is highly likely that the classifier can be tricked into assigning the modified object to any desired class. Furthermore, these adversarial samples generalize well across models: samples generated using one network can often succeed in fooling other networks or machine learning models. These alarming properties of adversarial samples have drawn increasing interest recently, with several researchers having attributed the adversarial effect to different factors, such as the high dimensionality of the data or the overly-linear nature of modern neural networks. Nevertheless, a complete picture of the cause of adversarial samples has not yet emerged. Towards this goal, we present a novel theoretical result that formally links the adversarial vulnerability of learning to the intrinsic dimensionality of the data. In particular, our investigation formally establishes that as the local intrinsic dimensionality (LID) increases, 1-NN classifiers become increasingly prone to being subverted. We show that in expectation, a k-nearest neighbor of a test point can be transformed into its 1-nearest neighbor by adding an amount of noise that diminishes as the LID increases. We also provide an experimental validation of the impact of LID on adversarial perturbation for both synthetic and real data, and discuss the implications of our result for general classifiers.
言語 en
書誌情報 ja : NIIテクニカル・レポート
en : NII Technical Report

p. 1-15, 発行日 2016-06-06
出版者
出版者 国立情報学研究所
言語 ja
ISSN
収録物識別子タイプ ISSN
収録物識別子 1346-5597
戻る
0
views
See details
Views

Versions

Ver.1 2022-06-09 00:52:55.926536
Show All versions

Share

Share
tweet

Cite as

Other

print

エクスポート

OAI-PMH
  • OAI-PMH JPCOAR 2.0
  • OAI-PMH JPCOAR 1.0
  • OAI-PMH DublinCore
  • OAI-PMH DDI
Other Formats
  • JSON
  • BIBTEX
  • ZIP

コミュニティ

確認

確認

確認


Powered by WEKO3


Powered by WEKO3