[dsn’19] Deep Validation: Toward Detecting Real-world Corner Cases for Deep Neural Networks
Keywords: Robustness, Adversarial Example, Corner Case Detection
Takeaways:
Background
1. AE detection
Design
1. Motivation
Legitimate input range/probability distribution for every layer is ill-defined, this Is because:
- the decision functions of these layers are learned on their own rather than manually designed by the developers
- the classification rules they derive from the training data are encoded in millions of parameters, which are nearly impossible to translate
Key observation: images of different classes can fire different patterns and follow different paths when transferred from one area into another one when going through layers
(相同的label应该有相近的**路径/隐层表示, 不同的label的也不同)
2. Overview
每类每层train一个OCSVM,然后用signed distance最后算累计(求和)误差,大于一定阈值则判定为corner case
Experimental Results
Personal Response
+ Strengths:
- Weaknesses:
【转载声明】 转载或引用本博客文章请注明出处 – AISecPaperShare