Name
Abstract | ||
|---|---|---|
We outline a detection method for adversarial inputs to deep neural networks. By viewing neural network computations as graphs upon which information flows from input space to out- put distribution, we compare the differences in graphs induced by different inputs. Specifically, by applying persistent homology to these induced graphs, we observe that the structure of the most persistent subgraphs which generate the first homology group differ between adversarial and unperturbed inputs. Based on this observation, we build a detection algorithm that depends only on the topological information extracted during training. We test our algorithm on MNIST and achieve 98% detection adversary accuracy with F1-score 0.98. |
Year | Venue | Field |
|---|---|---|
2017 | arXiv: Learning | Graph,MNIST database,Topological information,Persistent homology,Artificial intelligence,Adversary,Artificial neural network,Mathematics,Machine learning,Homology (mathematics),Computation |
DocType | Volume | Citations |
Journal | abs/1711.10056 | 1 |
PageRank | References | Authors |
0.35 | 4 | 2 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Thomas Gebhart | 1 | 1 | 1.03 |
| Paul R. Schrater | 2 | 141 | 22.71 |