Explaining and Harnessing Adversarial Examples in Machine Learning - Spring 2021

Overview

Explore the concept of adversarial examples in machine learning through this 27-minute lecture from the University of Central Florida. Delve into the history, motivation, and application of adversarial examples for both linear and non-linear models. Examine the Fast Gradient Sign Method (FGSM) and its experimental results on neural networks with different activation functions. Learn about adversarial training techniques for logistic regression and deep neural networks, comparing their effectiveness to L1 regularization. Investigate the generalization of adversarial examples across different models and consider alternative hypotheses. Analyze the strengths and weaknesses of adversarial training approaches, gaining a comprehensive understanding of this important topic in machine learning security and robustness.

Syllabus

Intro
Overview
Paper History and Authors
Motivation
Adversarial Examples for Linear Models
Adversarial Example for Non-Linear Models • Is it applicable for nonlinear models?
Summarizing FGSM
Experimental Results ► GSM band attack on Neural network with different activation function
Adversarial Training (AT)
FGSM Attack to a Logistic Regression Model
Adversarial Training for Logistic Regression Model
L1 regularization for Logistic Regression Model • To prevent the overfitting problem
Adversarial Training vs L1 weight decay • Training maxout networks on MNIST . Good results using adversarial training with = 0.25
Adversarial Training of DNN
Adversarial Trained Model
Other Considerations
Why Do Adversarial Examples Generalize?
Generalization of Adversarial Examples
Alternative Hypothesis
Strengths
Weaknesses
Summary