Having Second Thoughts? Let's hear it
- URL: http://arxiv.org/abs/2311.15356v2
- Date: Fri, 31 May 2024 12:53:36 GMT
- Title: Having Second Thoughts? Let's hear it
- Authors: Jung H. Lee, Sujith Vijayan
- Abstract summary: Deep learning models loosely mimic bottom-up signal pathways from low-order sensory areas to high-order cognitive areas.
After training, DL models can outperform humans on some domain-specific tasks, but their decision-making process has been known to be easily disrupted.
We propose a certification process mimicking selective attention and test if it could make DL models more robust.
- Score: 0.36832029288386137
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Deep learning models loosely mimic bottom-up signal pathways from low-order sensory areas to high-order cognitive areas. After training, DL models can outperform humans on some domain-specific tasks, but their decision-making process has been known to be easily disrupted. Since the human brain consists of multiple functional areas highly connected to one another and relies on intricate interplays between bottom-up and top-down (from high-order to low-order areas) processing, we hypothesize that incorporating top-down signal processing may make DL models more robust. To address this hypothesis, we propose a certification process mimicking selective attention and test if it could make DL models more robust. Our empirical evaluations suggest that this newly proposed certification can improve DL models' accuracy and help us build safety measures to alleviate their vulnerabilities with both artificial and natural adversarial examples.
Related papers
- Advancing the Robustness of Large Language Models through Self-Denoised Smoothing [50.54276872204319]
Large language models (LLMs) have achieved significant success, but their vulnerability to adversarial perturbations has raised considerable concerns.
We propose to leverage the multitasking nature of LLMs to first denoise the noisy inputs and then to make predictions based on these denoised versions.
Unlike previous denoised smoothing techniques in computer vision, which require training a separate model to enhance the robustness of LLMs, our method offers significantly better efficiency and flexibility.
arXiv Detail & Related papers (2024-04-18T15:47:00Z)
- Towards a robust and reliable deep learning approach for detection of compact binary mergers in gravitational wave data [0.0]
We develop a deep learning model stage-wise and work towards improving its robustness and reliability.
We retrain the model in a novel framework involving a generative adversarial network (GAN).
Although absolute robustness is practically impossible to achieve, we demonstrate some fundamental improvements earned through such training.
arXiv Detail & Related papers (2023-06-20T18:00:05Z)
- Enhancing Multiple Reliability Measures via Nuisance-extended Information Bottleneck [77.37409441129995]
In practical scenarios where training data is limited, many predictive signals in the data can instead come from biases in data acquisition.
We consider an adversarial threat model under a mutual information constraint to cover a wider class of perturbations in training.
We propose an autoencoder-based training to implement the objective, as well as practical encoder designs to facilitate the proposed hybrid discriminative-generative training.
arXiv Detail & Related papers (2023-03-24T16:03:21Z)
- A Study on FGSM Adversarial Training for Neural Retrieval [3.2634122554914]
Neural retrieval models have acquired significant effectiveness gains over the last few years compared to term-based methods.
However, those models may be brittle when faced with typos or distribution shifts, or vulnerable to malicious attacks.
We show that one of the simplest adversarial training techniques -- the Fast Gradient Sign Method (FGSM) -- can improve first-stage rankers' robustness and effectiveness.
arXiv Detail & Related papers (2023-01-25T13:28:54Z)
- Backdoor Defense via Suppressing Model Shortcuts [91.30995749139012]
In this paper, we explore the backdoor mechanism from the angle of the model structure.
We demonstrate that the attack success rate (ASR) decreases significantly when reducing the outputs of some key skip connections.
arXiv Detail & Related papers (2022-11-02T15:39:19Z)
- Maximum Likelihood Distillation for Robust Modulation Classification [50.51144496609274]
We build on knowledge distillation ideas and adversarial training to build more robust AMC systems.
We propose to use the Maximum Likelihood function, which could solve the AMC problem in offline settings, to generate better training labels.
arXiv Detail & Related papers (2022-11-01T21:06:11Z)
- Explicit Occlusion Reasoning for Multi-person 3D Human Pose Estimation [33.86986028882488]
Occlusion poses a great threat to monocular multi-person 3D human pose estimation due to large variability in terms of the shape, appearance, and position of occluders.
Existing methods try to handle occlusion with pose priors/constraints, data augmentation, or implicit reasoning.
We develop a method to explicitly model this process that significantly improves bottom-up multi-person human pose estimation.
arXiv Detail & Related papers (2022-07-29T22:12:50Z)
- Neurosymbolic hybrid approach to driver collision warning [64.02492460600905]
There are two main algorithmic approaches to autonomous driving systems.
Deep learning alone has achieved state-of-the-art results in many areas.
But sometimes it can be very difficult to debug if the deep learning model doesn't work.
arXiv Detail & Related papers (2022-03-28T20:29:50Z)
- Towards Training Reproducible Deep Learning Models [26.547756923322126]
Deep Learning (DL) models are challenging to reproduce due to issues like randomness in the software and non-determinism in the hardware.
This paper proposes a systematic approach to training reproducible DL models.
Case study results show our approach can successfully reproduce six open source and one commercial DL models.
arXiv Detail & Related papers (2022-02-04T18:14:39Z)
- On the Security Risks of AutoML [38.03918108363182]
Neural Architecture Search (NAS) is an emerging machine learning paradigm that automatically searches for models tailored to given tasks.
We show that compared with their manually designed counterparts, NAS-generated models tend to suffer greater vulnerability to various malicious attacks.
We discuss potential remedies to mitigate such drawbacks, including increasing cell depth and suppressing skip connections.
arXiv Detail & Related papers (2021-10-12T14:04:15Z)
- Towards Transferable Adversarial Attack against Deep Face Recognition [58.07786010689529]
Deep convolutional neural networks (DCNNs) have been found to be vulnerable to adversarial examples.
Transferable adversarial examples can severely hinder the robustness of DCNNs.
We propose DFANet, a dropout-based method used in convolutional layers, which can increase the diversity of surrogate models.
We generate a new set of adversarial face pairs that can successfully attack four commercial APIs without any queries.
arXiv Detail & Related papers (2020-04-13T06:44:33Z)