Adversarial Attacks for Network Interpretation
dc.contributor.advisor | Pirsiavash, Hamed | |
dc.contributor.author | Pillai, Vipin Radhakrishnan | |
dc.contributor.department | Computer Science and Electrical Engineering | |
dc.contributor.program | Computer Science | |
dc.date.accessioned | 2021-01-29T18:12:32Z | |
dc.date.available | 2021-01-29T18:12:32Z | |
dc.date.issued | 2018-01-01 | |
dc.description.abstract | Adversarial attacks are known to fool deep neural networks into producing incorrect predictions. We introduce adversarial attack algorithms that not only fool the network's prediction, but also fool our interpretation of the cause of the network's decision. We show that our algorithms can empower practical adversarial attacks, like adversarial patches, by hiding them from network interpretation tools. We also introduce adversarial attack algorithms which can change the interpretation of the network's decision without changing the network's output. We show that our attack tuned for GradCam visualization transfers directly to other visualization algorithms like CAM and occluding patch as well. We believe our algorithms can facilitate developing more robust network interpretation tools that truly explain the network's underlying decision-making process. | |
dc.format | application:pdf | |
dc.genre | theses | |
dc.identifier | doi:10.13016/m2mtb1-e3w7 | |
dc.identifier.other | 11892 | |
dc.identifier.uri | http://hdl.handle.net/11603/20719 | |
dc.language | en | |
dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
dc.relation.ispartof | UMBC Theses and Dissertations Collection | |
dc.relation.ispartof | UMBC Graduate School Collection | |
dc.relation.ispartof | UMBC Student Collection | |
dc.source | Original File Name: Pillai_umbc_0434M_11892.pdf | |
dc.subject | Adversarial Attacks | |
dc.subject | Convolutional Neural Networks | |
dc.subject | Explainable AI | |
dc.subject | Image Classification | |
dc.subject | Network Interpretation | |
dc.title | Adversarial Attacks for Network Interpretation | |
dc.type | Text | |
dcterms.accessRights | Distribution Rights granted to UMBC by the author. | |
dcterms.accessRights | Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan through a local library, pending author/copyright holder's permission. | |
dcterms.accessRights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. |