arXiv:2211.10227 Abstract | arXiv Analytics

arXiv:2211.10227 [cs.LG]Abstract References Reviews Resources

Adversarial Detection by Approximation of Ensemble Boundary

Published 2022-11-18Version 1

A spectral approximation of a Boolean function is proposed for approximating the decision boundary of an ensemble of Deep Neural Networks (DNNs) solving two-class pattern recognition problems. The Walsh combination of relatively weak DNN classifiers is shown experimentally to be capable of detecting adversarial attacks. By observing the difference in Walsh coefficient approximation between clean and adversarial images, it appears that transferability of attack may be used for detection. Approximating the decision boundary may also aid in understanding the learning and transferability properties of DNNs. While the experiments here use images, the proposed approach of modelling two-class ensemble decision boundaries could in principle be applied to any application area.

Comments: 8 pages, 8 figures, 8 tables

Categories: cs.LG, cs.AI, cs.CR, cs.CV

Keywords: decision boundary, adversarial detection, ensemble boundary, modelling two-class ensemble decision boundaries, relatively weak dnn classifiers

Related articles: Most relevant | Search more

arXiv:1805.05532 [cs.LG] (Published 2018-05-15)

Improving Knowledge Distillation with Supporting Adversarial Samples

Byeongho Heo, Minsik Lee, Sangdoo Yun, Jin Young Choi

arXiv:2011.09645 [cs.LG] (Published 2020-11-19)

Finding the Homology of Decision Boundaries with Active Learning

Weizhi Li, Gautam Dasarathy, Karthikeyan Natesan Ramamurthy, Visar Berisha

arXiv:1908.02802 [cs.LG] (Published 2019-08-07)

Investigating Decision Boundaries of Trained Neural Networks