Abstract | ||
---|---|---|
Adversarial examples are constructed by slightly perturbing a correctly processed input to a trained neural network such that the network produces an incorrect result. This work proposes the usage of the Fisher information for the detection of such adversarial attacks. We discuss various quantities whose computation scales well with the network size, study their behavior on adversarial examples and show how they can highlight the importance of single input neurons, thereby providing a visual tool for further analyzing the behavior of a neural network. The potential of our methods is demonstrated by applications to the MNIST, CIFAR10 and Fruits-360 datasets and through comparison to concurring methods. |
Year | DOI | Venue |
---|---|---|
2020 | 10.1016/j.neucom.2019.11.052 | Neurocomputing |
Keywords | Field | DocType |
Deep Learning,Adversarial Examples,Fisher information,Explainability | Network size,MNIST database,Visual tool,Fisher information,Artificial intelligence,Artificial neural network,Machine learning,Mathematics,Computation,Adversarial system | Journal |
Volume | ISSN | Citations |
382 | 0925-2312 | 0 |
PageRank | References | Authors |
0.34 | 23 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jörg Martin | 1 | 0 | 0.68 |
Clemens Elster | 2 | 96 | 14.27 |