Thesis Details
Improving Robustness of Neural Networks against Adversarial Examples
This work discusses adversarial attacks to image classifier neural network models. Our goal is to summarize and demonstrate adversarial methods to show that they pose a serious issue in machine learning. The important contribution of this work is the implementation of a tool for training a robust model against adversarial examples. Our approach is to minimize maximization the loss function of the target model. Related work and our own experiments leads us to use Projected gradient descent as a target attack, therefore, we train against data generated by Projected gradient descent. As a result using the framework, we can achieve accuracy more than 90% against sophisticated adversarial attacks.
Neural networks, Optimization, Machine learning, Adversarial attack, Adversarial examples, Robustness, Adversarial machine learning
Grégr Matěj, Ing., Ph.D. (DIFS FIT BUT), člen
Hradiš Michal, Ing., Ph.D. (DCGM FIT BUT), člen
Kekely Lukáš, Ing., Ph.D. (DCSY FIT BUT), člen
Rogalewicz Adam, doc. Mgr., Ph.D. (DITS FIT BUT), člen
@bachelorsthesis{FITBT22999,
author = "Martin Ga\v{n}o",
type = "Bachelor's thesis",
title = "Improving Robustness of Neural Networks against Adversarial Examples",
school = "Brno University of Technology, Faculty of Information Technology",
year = 2020,
location = "Brno, CZ",
language = "english",
url = "https://www.fit.vut.cz/study/thesis/22999/"
}