Thumbnail

Advocating for Multiple Defense Strategies against Adversarial Examples

Araujo, Alexandre; Meunier, Laurent; Pinot, Rafael; Negrevergne, Benjamin (2020), Advocating for Multiple Defense Strategies against Adversarial Examples, in Koprinska, Irena; Kamp, Michael; Appice, Annalisa, ECML PKDD 2020 Workshops (Proceedings), Springer International Publishing : Berlin Heidelberg. 10.1007/978-3-030-65965-3_11

View/Open
Type
Communication / Conférence
Date
2020
Conference title
Workshops of the European Conference on Machine Learning and Knowledge Discovery in Databases (ECML PKDD 2020): SoGood 2020, PDFL 2020, MLCS 2020, NFMCP 2020, DINA 2020, EDML 2020, XKDD 2020 and INRA 2020
Conference date
2020-09
Conference city
Ghent
Conference country
Belgium
Book title
ECML PKDD 2020 Workshops (Proceedings)
Book author
Koprinska, Irena; Kamp, Michael; Appice, Annalisa
Publisher
Springer International Publishing
Published in
Berlin Heidelberg
ISBN
978-3-030-65964-6
Publication identifier
Metadata
Show full item record
Author(s)
Araujo, Alexandre
Meunier, Laurent
Pinot, Rafael
Negrevergne, Benjamin
Laboratoire d'analyse et modélisation de systèmes pour l'aide à la décision [LAMSADE]
Abstract (EN)
It has been empirically observed that defense mechanisms designed to protect neural networks against adversarial examples offer poor performance against adversarial examples and vice versa. In this paper we conduct a geometrical analysis that validates this observation. Then, we provide a number of empirical insights to illustrate the effect of this phenomenon in practice. Then, we review some of the existing defense mechanisms that attempt to defend against multiple attacks by mixing defense strategies. Thanks to our numerical experiments, we discuss the relevance of this method and state open questions for the adversarial examples community.
Subjects / Keywords
geometrical analysis