Adversarial robustness and attacks in Deep Learning Керівни

Кузьменко, Дмитро

Adversarial robustness and attacks in Deep Learning Керівни

Files

Kuzmenko_Mahisterska_robota.pdf (1 MB)

Kuzmenko_Mahisterska_robota 2.pdf (926.88 KB)

Date

2022

Authors

Кузьменко, Дмитро

Abstract

The theoretical underpinnings for this field involve the notions of robustness and astuteness, local Lipschitzness, r-separability of datasets, robustness-accuracy tradeoff, and L-inf distance. This work will cover all the preliminaries, explain the choice of CIFAR-10 with L-inf metric space and eps=8/255 as a main dataset for the task, make use of already well-known attacks and defenses, introduce new ones, and try different ensembles on the 3 most robust models available on the benchmark – Adversarial Weight Perturbation, Augmentations and weight averaging, and Self-COnsistent Robust Error (SCORE-based model).

Keywords

Local Lipschitzness, Carlini-Wagner, Self-COnsistent Robust Error, Scale and std hyperparameters in Jitter, магістерська робота

URI

https://ekmair.ukma.edu.ua/handle/123456789/28873

Collections

113 Прикладна математика

Full item page