GraN: An efficient gradient-norm based detector for adversarial and misclassified examples

Julia Lust, Alexandru P. Condurache

Abstract

Deep neural networks (DNNs) are vulnerable to adversarial examples and other data perturbations. Especially in safety critical applications of DNNs, it is therefore crucial to detect misclassified samples. The current state-of-the-art detection methods require either significantly more runtime or more parameters than the original network itself. This paper therefore proposes GraN, a time- and parameter-efficient method that is easily adaptable to any DNN. GraN is based on the layer-wise norm of the DNN's gradient regarding the loss of the current input-output combination, which can be computed via backpropagation. GraN achieves state-of-the-art performance on numerous problem set-ups.

OriginalspracheEnglisch
Seitenumfang6
PublikationsstatusVeröffentlicht - 10.2020
VeranstaltungEuropean Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning 2020 - Brügge, Belgien
Dauer: 02.10.202004.10.2020

Tagung, Konferenz, Kongress

Tagung, Konferenz, KongressEuropean Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning 2020
KurztitelESANN 2020
Land/GebietBelgien
OrtBrügge
Zeitraum02.10.2004.10.20

Fingerprint

Untersuchen Sie die Forschungsthemen von „GraN: An efficient gradient-norm based detector for adversarial and misclassified examples“. Zusammen bilden sie einen einzigartigen Fingerprint.

Zitieren