Robustness Learning via Decision Tree Search Robust Optimisation

22/11/2021

Robustness Learning via Decision Tree Search Robust Optimisation

Yi-Ling Liu, Alessio Lomuscio

Keywords: adversarial learning, robustness, decision tree search

Abstract Paper Similar Papers

Abstract: We present a novel method for robustness training for ReLU-based deep neural networks. The method involves a decision tree search targeting the worst-case data points to generate adversarial examples. We combine the decision tree search method with robust optimisation to train a robust model while maintaining accuracy at comparably lower computational effort than SoA methods. The efficiency is obtained by focusing on small regions centred around the input that have significant potential to generate adversarial samples. We implemented the resulting method in the framework DTSRobust, which was evaluated against state-of-the-art defence methods on MNIST and CIFAR10 datasets. In experiments, DTSRobust achieved a 14.2% gain on efficiency against the state-of-the-art defence methods in MNIST and 10.3% of that in CIFAR10 while maintaining similar accuracy.

0

0

0

0

Share

This is an embedded video. Talk and the respective paper are published at BMVC 2021 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment

no comments yet

Similar Papers

14/06/2020

QEBA: Query-Efficient Boundary-Based Blackbox Attack

Huichen Li, Xiaojun Xu, Xiaolu Zhang and
Shuang Yang, Bo Li

Keywords Paper

adversarial machine learning, black-box attack, boundary-based attack, attacking public api

0

0

0

0

1:01

26/04/2020

Mixed Precision DNNs: All you need is a good parametrization

Stefan Uhlich, Lukas Mauch, Fabien Cardinaux and
Kazuki Yoshiyama, Javier Alonso Garcia, Stephen Tiedemann, Thomas Kemp, Akira Nakamura

Keywords Paper

Deep Neural Network Compression, Quantization, Straight through gradients

1

0

0

0

5:11

03/05/2021

BRECQ: Pushing the Limit of Post-Training Quantization by Block Reconstruction

Yuhang Li, Ruihao Gong, Xu Tan and
Yang Yang, Peng Hu, Qi Zhang, fengwei yu, Wei Wang, Shi Gu

Keywords Paper

Second-order analysis, Mixed Precision, Post Training Quantization

0

0

0

0

4:36

06/12/2021

Test-Time Classifier Adjustment Module for Model-Agnostic Domain Generalization

Yusuke Iwasawa, Yutaka Matsuo

Keywords Paper

deep learning, optimization, transformers, domain adaptation

0

0

0

0

13:50

06/12/2021

Adversarial Feature Desensitization

Pouya Bashivan, Reza Bayat, Adam Ibrahim and
Kartik Ahuja, Mojtaba Faramarzi, Touraj Laleh, Blake Richards, Irina Rish

Keywords Paper

deep learning, robustness, adversarial robustness and security, domain adaptation

0

0

0

0

13:27

02/02/2021

Adversarial Training and Provable Robustness: A Tale of Two Objectives

Jiameng Fan, Wenchao Li

Keywords Paper

0

0

0

0

16:37

06/12/2020

Semi-Supervised Neural Architecture Search

Renqian Luo, Xu Tan, Rui Wang and
Tao Qin, Enhong Chen, Tie-Yan Liu

Keywords Paper

0

0

0

0

3:20

06/12/2020

Posterior Re-calibration for Imbalanced Datasets

Junjiao Tian, Yen-Cheng Liu, Nathaniel Glaser and
Yen-Chang Hsu, Zsolt Kira

Keywords Paper

Algorithms -> Few-Shot Learning, Applications -> Computer Vision

0

0

0

0

3:23

02/02/2021

Amata: An Annealing Mechanism for Adversarial Training Acceleration

Nanyang Ye, Qianxiao Li, Xiao-Yun Zhou, Zhanxing Zhu

Keywords Paper

0

0

0

0

14:30

03/05/2021

Learning N:M Fine-grained Structured Sparse Neural Networks From Scratch

Aojun Zhou, Yukun Ma, Junnan Zhu and
Jianbo Liu, Zhijie Zhang, Kun Yuan, Wenxiu Sun, Hongsheng Li

Keywords Paper

sparsity, efficient training and inference.

0

0

0

0

5:09

06/12/2020

ISTA-NAS: Efficient and Consistent Neural Architecture Search by Sparse Coding

Yibo Yang, Hongyang Li, Shan You and
Fei Wang, Chen Qian, Zhouchen Lin

Keywords Paper

0

0

0

0

3:19

12/07/2020

Detecting Out-of-Distribution Examples with Gram Matrices

Chandramouli Shama Sastry, Sageev Oore

Keywords Paper

Fairness, Equity, Justice, and Safety

0

0

0

0

12:40

03/05/2021

A Panda? No, It's a Sloth: Slowdown Attacks on Adaptive Multi-Exit Neural Network Inference

Sanghyun Hong, Yigitcan Kaya, Ionut-Vlad Modoranu, Tudor Dumitras

Keywords Paper

efficient inference, adversarial examples, input-adaptive multi-exit neural networks, Slowdown attacks

0

0

0

0

10:24

12/07/2020

Minimally distorted Adversarial Examples with a Fast Adaptive Boundary Attack

Francesco Croce, Matthias Hein

Keywords Paper

Adversarial Examples

0

0

0

0

15:12

06/12/2021

Progressive Feature Interaction Search for Deep Sparse Network

Chen Gao, Yinfeng Li, Quanming Yao and
Depeng Jin, Yong Li

Keywords Paper

deep learning, machine learning

1

0

0

0

14:01

05/04/2021

Lost in Pruning: The Effects of Pruning Neural Networks beyond Test Accuracy

Lucas Liebenwein, Cenk Baykal, Brandon Carter and
David Gifford, Daniela Rus

Keywords Paper

0

0

0

0

20:21

05/04/2021

Lost in Pruning: The Effects of Pruning Neural Networks beyond Test Accuracy

Lucas Liebenwein, Cenk Baykal, Brandon Carter and
David Gifford, Daniela Rus

Keywords Paper

0

0

0

0

5:51

14/06/2020

GP-NAS: Gaussian Process Based Neural Architecture Search

Zhihang Li, Teng Xi, Jiankang Deng and
Gang Zhang, Shengzhao Wen, Ran He

Keywords Paper

neural architecture search, gaussian process, image classification, face recognition

0

0

0

0

0:59

14/06/2020

Adversarial Vertex Mixup: Toward Better Adversarially Robust Generalization

Saehyung Lee, Hyungyu Lee, Sungroh Yoon

Keywords Paper

adversarial training, adversarially robust generalization, mixup, adversarial defense, adversarial examples, adversarial robustness, security

0

0

0

0

5:01

06/12/2021

Generic Neural Architecture Search via Regression

Yuhong Li, Cong Hao, Pan Li and
Jinjun Xiong, Deming Chen

Keywords Paper

deep learning, machine learning, self-supervised learning, vision, language

0

0

0

0

14:56

14/06/2020

What Machines See Is Not What They Get: Fooling Scene Text Recognition Models With Adversarial Text Images

Xing Xu, Jiefu Chen, Jinhui Xiao and
Lianli Gao, Fumin Shen, Heng Tao Shen

Keywords Paper

adversarial attack, scene text recognition, white-box attack, targeted attack, untargeted attack

0

0

0

0

5:00

12/07/2020

Adversarial Robustness via Runtime Masking and Cleansing

Yi-Hsuan Wu, Chia-Hung Yuan, Shan-Hung (Brandon) Wu

Keywords Paper

Adversarial Examples

0

0

0

0

13:38

26/04/2020

Learned step size quantization

Steven K. Esser, Jeffrey L. McKinstry, Deepika Bablani and
Rathinakumar Appuswamy, Dharmendra S. Modha

Keywords Paper

deep learning, low precision, classification, quantization

0

0

0

0

4:40

14/06/2020

UNAS: Differentiable Architecture Search Meets Reinforcement Learning

Arash Vahdat, Arun Mallya, Ming-Yu Liu, Jan Kautz

Keywords Paper

neural architecture search, nas, differentiable, hardware aware, latency, reinforcement learning

0

0

0

0

4:59

06/12/2021

Robust and Decomposable Average Precision for Image Retrieval

Elias Ramzi, Nicolas THOME, Clément Rambour and
Nicolas Audebert, Xavier Bitot

Keywords Paper

deep learning

0

0

0

0

8:13

14/06/2020

Unsupervised Deep Shape Descriptor With Point Distribution Learning

Yi Shi, Mengchen Xu, Shuaihang Yuan, Yi Fang

Keywords Paper

3d shape descriptor, 3d shape recognition, unsupervised learning of shape representation, 3d point distribution

0

0

0

0

1:01

03/05/2021

Zero-Cost Proxies for Lightweight NAS

Mohamed Abdelfattah, Abhinav Mehrotra, Łukasz Dudziak, Nic Lane

Keywords Paper

proxy, AutoML, NAS, pruning, efficient

0

0

0

0

4:06

06/12/2020

POMO: Policy Optimization with Multiple Optima for Reinforcement Learning

Yeong-Dae Kwon, Jinho Choo, Byoungjip Kim and
Iljoo Yoon, Youngjune Gwon, Seungjai Min

Keywords Paper

0

0

0

0

3:19

12/07/2020

Adversarial Neural Pruning with Latent Vulnerability Suppression

Divyam Madaan, Jinwoo Shin, Sung Ju Hwang

Keywords Paper

Adversarial Examples

0

0

0

0

14:43

22/11/2021

Model Composition: Can Multiple Neural Networks Be Combined into a Single Network Using Only Unlabeled Data?

Amin Banitalebi-Dehkordi, Xinyu Kang, Yong Zhang

Keywords Paper

Model Composition, Combining Neural Networks, Pseudo Label, Self Training, Label Aggregation, Combining Models

0

0

0

0

2:58

12/07/2020

Towards Understanding the Dynamics of the First-Order Adversaries

Zhun Deng, Hangfeng He, Jiaoyang Huang, Weijie Su

Keywords Paper

Adversarial Examples

0

0

0

0

11:05

03/05/2021

Auxiliary Learning by Implicit Differentiation

Aviv Navon, Idan Achituve, Haggai Maron and
Gal Chechik, Ethan Fetaya

Keywords Paper

Multi-task Learning, Auxiliary Learning

0

0

0

0

5:05

25/07/2020

Jointly non-sampling learning for knowledge graph enhanced recommendation

Chong Chen, Min Zhang, Weizhi Ma and
Yiqun Liu, Shaoping Ma

Keywords Paper

recommender systems, non-sampling learning, knowledge graph, implicit feedback, efficient

0

0

0

0

14:22

06/12/2020

Optimization and Generalization Analysis of Transduction through Gradient Boosting and Application to Multi-scale Graph Neural Networks

Kenta Oono, Taiji Suzuki

Keywords Paper

0

0

0

0

3:22

18/07/2021

Instabilities of Offline RL with Pre-Trained Neural Representation

Ruosong Wang, Yifan Wu, Russ Salakhutdinov, Sham Kakade

Keywords Paper

Reinforcement Learning and Planning

0

0

0

0

5:19

05/01/2021

Conflicting Bundles: Adapting Architectures Towards the Improved Training of Deep Neural Networks

David Peer, Sebastian Stabinger, Antonio Rodriguez-Sanchez

Keywords Paper

0

0

0

0

4:58

03/05/2021

Net-DNF: Effective Deep Modeling of Tabular Data

Liran Katzir, Gal Elidan, Ran El-Yaniv

Keywords Paper

Neural Networks, Predictive Modeling, Tabular Data, Architectures

0

0

0

0

5:10

03/05/2021

Influence Functions in Deep Learning Are Fragile

Samyadeep Basu, Phil Pope, Soheil Feizi

Keywords Paper

Influence Functions, Interpretability

0

0

1

1

6:15

04/08/2021

Adversarially Robust Low Dimensional Representations

Pranjal Awasthi, Vaggos Chatziafratis, Xue Chen, Aravindan Vijayaraghavan

Keywords Paper

0

0

0

0

20:19

03/05/2021

Complex Query Answering with Neural Link Predictors

Erik Arakelyan, Daniel Daza, Pasquale Minervini, Michael Cochez

Keywords Paper

neural link prediction, complex query answering

0

0

0

0

15:28