Loading [MathJax]/extensions/MathMenu.js
Analyzing the Noise Robustness of Deep Neural Networks | IEEE Conference Publication | IEEE Xplore
Subscribe
ADVANCED SEARCH
Conferences >2018 IEEE Conference on Visua...

Analyzing the Noise Robustness of Deep Neural Networks

PDF
Mengchen Liu; Shixia Liu; Hang Su; Kelei Cao; Jun Zhu
All Authors

Abstract:

Deep neural networks (DNNs) are vulnerable to maliciously generated adversarial examples. These examples are intentionally designed by making imperceptible perturbations ...Show More

Metadata

Abstract:

Deep neural networks (DNNs) are vulnerable to maliciously generated adversarial examples. These examples are intentionally designed by making imperceptible perturbations and often mislead a DNN into making an incorrect prediction. This phenomenon means that there is significant risk in applying DNNs to safety-critical applications, such as driverless cars. To address this issue, we present a visual analytics approach to explain the primary cause of the wrong predictions introduced by adversarial examples. The key is to analyze the datapaths of the adversarial examples and compare them with those of the normal examples. A datapath is a group of critical neurons and their connections. To this end, we formulate the datapath extraction as a subset selection problem and approximately solve it based on back-propagation. A multi-level visualization consisting of a segmented DAG (layer level), an Euler diagram (feature map level), and a heat map (neuron level), has been designed to help experts investigate datapaths from the high-level layers to the detailed neuron activations. Two case studies are conducted that demonstrate the promise of our approach in support of explaining the working mechanism of adversarial examples.
Published in: 2018 IEEE Conference on Visual Analytics Science and Technology (VAST)
Date of Conference: 21-26 October 2018
Date Added to IEEE Xplore: 19 August 2019
ISBN Information:
DOI: 10.1109/VAST.2018.8802509
Conference Location: Berlin, Germany
Contents

1 Introduction

Deep neural networks (DNNs) have evolved to become state-of-the-art in a torrent of artificial intelligence applications, such as image classification and language translation [26, 29, 59, 60]. However, researchers have recently found that DNNs are generally vulnerable to maliciously generated adversarial examples, which are intentionally designed to mislead a DNN into making incorrect predictions [34, 37, 53, 63]. For example, an attacker can modify an image of a panda (IA in Fig. 1) slightly, even imperceptibly to human eyes, and the generated adversarial example (IB in Fig. 1) is able to mislead a state-of-the-art DNN [21] to classify it as something else entirely (e.g., a monkey), because the DNN detects a monkey’s face in the top right corner of the adversarial example (Fig. 11A). This phenomenon brings high risk in applying DNNs to safety- and security-critical applications, such as driverless cars, facial recognition ATMs, and Face ID security on mobile phones [1]. Hence, there is a growing need to understand the inner workings of adversarial examples and identify the root cause of the incorrect predictions.

Contact IEEE to Subscribe
More Like This
Interactive Machine Learning Tool for Clustering in Visual Analytics

2020 IEEE 7th International Conference on Data Science and Advanced Analytics (DSAA)

Published: 2020

Antiferromagnetic Artificial Neuron Modeling of Biological Neural Networks

2023 IEEE International Magnetic Conference - Short Papers (INTERMAG Short Papers)

Published: 2023

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.