FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2781036271> ?p ?o ?g. }

• W2781036271 abstract "A significant threat to the recent, wide deployment of machine learning-based systems, including deep neural networks (DNNs), is adversarial learning attacks. We analyze possible test-time evasion-attack mechanisms and show that, in some important cases, when the image has been attacked, correctly classifying it has no utility: i) when the image to be attacked is (even arbitrarily) selected from the attacker's cache; ii) when the sole recipient of the classifier's decision is the attacker. Moreover, in some application domains and scenarios it is highly actionable to detect the attack irrespective of correctly classifying in the face of it (with classification still performed if no attack is detected). We hypothesize that, even if human-imperceptible, adversarial perturbations are machine-detectable. We propose a purely unsupervised anomaly detector (AD) that, unlike previous works: i) models the joint density of a deep layer using highly suitable null hypothesis density models (matched in particular to the non- negative support for RELU layers); ii) exploits multiple DNN layers; iii) leverages a and destination class concept, source class uncertainty, the class confusion matrix, and DNN weight information in constructing a novel decision statistic grounded in the Kullback-Leibler divergence. Tested on MNIST and CIFAR-10 image databases under three prominent attack strategies, our approach outperforms previous detection methods, achieving strong ROC AUC detection accuracy on two attacks and better accuracy than recently reported for a variety of methods on the strongest (CW) attack. We also evaluate a fully white box attack on our system. Finally, we evaluate other important performance measures, such as classification accuracy, versus detection rate and attack strength." @default.
• W2781036271 created "2018-01-05" @default.
• W2781036271 creator A5049853144 @default.
• W2781036271 creator A5063903486 @default.
• W2781036271 creator A5065071631 @default.
• W2781036271 date "2017-12-18" @default.
• W2781036271 modified "2023-09-27" @default.
• W2781036271 title "When Not to Classify: Anomaly Detection of Attacks (ADA) on DNN Classifiers at Test Time" @default.
• W2781036271 hasPublicationYear "2017" @default.
• W2781036271 type Work @default.
• W2781036271 sameAs 2781036271 @default.
• W2781036271 citedByCount "1" @default.
• W2781036271 countsByYear W27810362712019 @default.
• W2781036271 crossrefType "posted-content" @default.
• W2781036271 hasAuthorship W2781036271A5049853144 @default.
• W2781036271 hasAuthorship W2781036271A5063903486 @default.
• W2781036271 hasAuthorship W2781036271A5065071631 @default.
• W2781036271 hasConcept C115961682 @default.
• W2781036271 hasConcept C119857082 @default.
• W2781036271 hasConcept C138602881 @default.
• W2781036271 hasConcept C153180895 @default.
• W2781036271 hasConcept C154945302 @default.
• W2781036271 hasConcept C165696696 @default.
• W2781036271 hasConcept C2984842247 @default.
• W2781036271 hasConcept C35525427 @default.
• W2781036271 hasConcept C38652104 @default.
• W2781036271 hasConcept C41008148 @default.
• W2781036271 hasConcept C50644808 @default.
• W2781036271 hasConcept C739882 @default.
• W2781036271 hasConcept C75294576 @default.
• W2781036271 hasConcept C95623464 @default.
• W2781036271 hasConceptScore W2781036271C115961682 @default.
• W2781036271 hasConceptScore W2781036271C119857082 @default.
• W2781036271 hasConceptScore W2781036271C138602881 @default.
• W2781036271 hasConceptScore W2781036271C153180895 @default.
• W2781036271 hasConceptScore W2781036271C154945302 @default.
• W2781036271 hasConceptScore W2781036271C165696696 @default.
• W2781036271 hasConceptScore W2781036271C2984842247 @default.
• W2781036271 hasConceptScore W2781036271C35525427 @default.
• W2781036271 hasConceptScore W2781036271C38652104 @default.
• W2781036271 hasConceptScore W2781036271C41008148 @default.
• W2781036271 hasConceptScore W2781036271C50644808 @default.
• W2781036271 hasConceptScore W2781036271C739882 @default.
• W2781036271 hasConceptScore W2781036271C75294576 @default.
• W2781036271 hasConceptScore W2781036271C95623464 @default.
• W2781036271 hasLocation W27810362711 @default.
• W2781036271 hasOpenAccess W2781036271 @default.
• W2781036271 hasPrimaryLocation W27810362711 @default.
• W2781036271 hasRelatedWork W2604148567 @default.
• W2781036271 hasRelatedWork W2740775242 @default.
• W2781036271 hasRelatedWork W2898780854 @default.
• W2781036271 hasRelatedWork W2968339684 @default.
• W2781036271 hasRelatedWork W2973571250 @default.
• W2781036271 hasRelatedWork W3016340134 @default.
• W2781036271 hasRelatedWork W3040204705 @default.
• W2781036271 hasRelatedWork W3041569550 @default.
• W2781036271 hasRelatedWork W3041787576 @default.
• W2781036271 hasRelatedWork W3094566724 @default.
• W2781036271 hasRelatedWork W3134265469 @default.
• W2781036271 hasRelatedWork W3135442688 @default.
• W2781036271 hasRelatedWork W3159273500 @default.
• W2781036271 hasRelatedWork W3164837107 @default.
• W2781036271 hasRelatedWork W3175258143 @default.
• W2781036271 hasRelatedWork W3200240152 @default.
• W2781036271 hasRelatedWork W3202908052 @default.
• W2781036271 hasRelatedWork W3204936518 @default.
• W2781036271 hasRelatedWork W2415859198 @default.
• W2781036271 hasRelatedWork W3137117852 @default.
• W2781036271 isParatext "false" @default.
• W2781036271 isRetracted "false" @default.
• W2781036271 magId "2781036271" @default.
• W2781036271 workType "article" @default.