SlideShare a Scribd company logo

Generational Adversarial Neural Networks - Essential Reference

Gokul Alex
Gokul Alex

My presentation on Generational Adversarial Neural Networks and the Challenges of Adversarial Learning Conditions in Neural Networks presented during the National Symposium on Machine Intelligence organised by Kerala University in 2017 in Thiruvananthapuram.

1 of 96
Download to read offline
ADVERSARIAL MACHINES G O K U L A L E X , U S T G L O B A L
TA X O N O M Y O F M AC H I N E L E A R N I N G Supervised learning Unsupervised learning Reinforcement learning • Supervised learning • Find deterministic function • F : y = f(x), x : data, y : label • Higher dimensional data • Feature vectors are needed • Unsupervised learning • Find deterministic function • Z = f (x), x : data, z: latent • Generative Model • Find generation function g; • X = g(z), x : data, z : latent Semi- Supervised learning
SUPERVISORY LEARNING - RECAP • Labelled data • Algorithms try to predict an output value based on a given input • Examples include : – Classification algorithms such as SVM – Regression algorithms such as Linear Regression
SUPERVISED LEARNING
SUPERVISED LEARNING : GREEDY POLICY
UNSUPERVISED LEARNING
UNSUPERVISED LEARNING - RECAP • Unlabeled Data • Algorithms try to discover hidden structures in the data • Examples include – Clustering Algorithms such as K-means – Generative Models such as GAN
DISCRIMINATIVE MODELS • Learns a function that maps the input x into an output y • Conditional probability P (y/x) • Classification Algorithms such as SVM
GENERATIVE MODELS • Tries to learn a joint probability of the input x and the output y at the sametime • Joint probability P ( x, y ) • Generative Statistical Models such as Latent Drichlet Allocation
UNSUPERVISED LEARNING V/S GENERATIVE MODEL
GENERATIVE MODEL
STACKED AUTO ENCODERS
DE-NOISING ENCODERS
VARIATIONAL AUTO ENCODERS
VARIATIONAL AUTO ENCODERS
N AT U R E O F VA R I AT I O N A L AU TO E N C O D E R S The encoder becomes aVariational inference network, mapping observed inputs to (approximate) posterior distributions over latent space The decoder becomes a generative network, capable of mapping arbitrary latent coordinates back to distributions over the original data space.
BEYOND MACHINE INTELLIGENCE : TWO PATHWAYS • Currently there are two main approaches to generating images using artificial intelligence – Boltzmann Machine – Generative Adversarial Neural Networks ( GAN) • GAN pits two neural networks against one another in order to improve their generation of photorealistic images. • In GAN, there is a generator which produces fake images, and a discriminator, which differentiates the fake images from the real ones.They train together: the discriminator processes the variations between the real and the fake images and informs the generator on how to produce more accurate fake images. – Variational Auto Encoding (VAE) • VAE has strong ability to generate diverse set of images • Essentially autoencoder performs a dimensionality reduction in your data set. – Some researchers have combinedVAE and GAN into a hybrid for an improved generative model
GOOGLE DEEP DREAM • http://psychic-vr-lab.com/deepdream/pics/1175065.html • Find and enhance patterns in images via algorithmic pareidolla • Images are deliberately over processed • Deep dream software originates in a deep convolutional network code named ‘Inception’ • Developed for ImageNet large scale visual recognition challenge
WHAT IS DEEP DREAMING ? • A good approach to deep neural network visualization or digital aesthetics construction • Generation of images that produces desired activations in a trained deep network • This can be used for visualizations to understand the emergent structure of the neural network better, and is the basis for the DeepDream concept. • The optimization resembles Backpropagation, however instead of adjusting the network weights, the weights are held fixed and the input is adjusted.
LET’S TALK ABOUT DEEP DREAM A Computer vision program from google which uses cnn
DEEP DREAM - INFERENCES • Once trained, the network can also be run in reverse, being asked to adjust the original image slightly so that a given output neuron (e.g. the one for faces or certain animals) yields a higher confidence score. • However, after enough reiterations, even imagery initially devoid of the sought features will be adjusted enough that a form of pareidolia results, by which psychedelic and surreal images are generated algorithmically. • Applying gradient descent independently to each pixel of the input produces images in which adjacent pixels have little relation and thus the image has too much high frequency information. • The generated images can be greatly improved by including a prior or regularizer that prefers inputs that have natural image statistics (without a preference for any particular image), or are simply smooth.The total variation regularizer prefers images that are piecewise constant.
D E E P D R E A M F R AC TA L S Applying Deep Dream to 2K footage Building custom hardware rigs Designing tools for rapid iteration Deep UI Exploring Hyper parameters This is a true industrial scale neural network based music video This paradigm is called Creative AI
ARCHETYPES IN ADVERSARIAL MACHINES • Conditional GAN • Bidirectional GAN • Semi Supervised GAN • Info GAN • Auxiliary Classified GAN
NATURE OF ADVERSARIAL IMAGES • Research on adversarial images to date has focused on disrupting classification, i.e., producing images classified with labels that are patently inconsistent with human perception. • Specifically, given a source image, a target (guide) image, and a trained DNN, we find small perturbations to the source image that cause the representation on a specified layer (or above) to be remarkably similar to that of the guide image, and hence far from that of the source. • Deep representations of such adversarial images are not outliers per se, rather, they appear generic, indistinguishable from representations of natural images
EVOLUTIONARY ALGORITHMS AND ADVERSARIAL IMAGES • Evolutionary algorithms has been used to generate images comprising of 2D patterns that are classified by DNNs as common objects with high confidence • Such adversarial images are quite different from the natural images which are used as training data • Because natural images only occupy a small volume of the space of all possible images, it is not surprising that discriminative DNNs trained on natural images have trouble coping with such out of sample data.
ANALYSIS OF APPARENT QUASI- NATURAL ADVERSARIAL IMAGES • We need to use gradient based optimization on the classification loss with respect to the image perturbation – The magnitude of the perturbation is penalized to ensure that the perturbation is not perceptually salient – Given an Image I, a DNN Classifier f, and an erroneous label L, they find the perturbation e that minimizes loss ( f ( I + e ) L ) + c || e || 2. – c will be chosen to fins the smallest e that achieves f ( I + e ) = L – Resulting adversarial images occupy low probability pockets in the manifold, acting like blind spots to the DNN – Ian Goodfellow et. al showed that adversarial images are more common and can be found by taking steps in the direction of gradient of loss ( f ( I + e ) , L ) – Ian Goodfellow et.al showed that adversarial images exist for other models, including linear classifiers – They argue that the problems arises when the models are too linear
WHAT I S T H E WAY A H E A D ?
L I M I TAT I O N S O F D E E P N E U R A L N E T S Deep Neural Nets for image classification can be circumvented One such category of adversarial images is designed to disrupt image classification They raise questions about the nature of learned representations Interestingly adversarial images can be harnessed for improved learning algorithms that exhibit improved robustness and better generalization
A DV E R S A R I A L A . I . It’s a common sci-fi theme : Robot v/s Robot A series of published research papers has produced evidence that Convolutional Neural Networks can be fooled
A DV E R S A R I A L N O I S E Adversaries can craft particular inputs, named adversarial samples, leading models to produce an output behavior of their choice, such as misclassification. Inputs are crafted by adding a carefully chosen adversarial perturbation to a legitimate sample. The resulting sample is not necessarily unnatural, i.e. outside of the training data manifold.Algorithms crafting adversarial samples are designed to minimize the perturbation, thus making adversarial samples hard to distinguish from legitimate samples. Attacks based on adversarial samples occur after training is complete and therefore, do not require any tampering with the training procedure.
P O S S I B L E C O N S E Q U E N C E S Recent studies have shown that deep learning, like other machine learning techniques, is vulnerable to adversarial samples: inputs crafted to force a deep neural network (DNN) to provide adversary-selected outputs. Such attacks can seriously undermine the security of the system supported by the DNN, sometimes with devastating consequences. For example, autonomous vehicles can be crashed, illicit or illegal content can bypass content filters, or biometric authentication systems can be manipulated to allow improper access.
D E F I N I N G F E AT U R E S O F A DV E R S A R I A L M AC H I N E S Designed to tackle situations with imperfect knowledge. Consist of competing neural networks A closed form loss function is not required. Some systems have the capability to discover its own loss function Adversarial Learning Finding a Nash Equilibrium to a two player non-cooperative game Adversary DataTypes While Adversary is perceptually similar to one data type, it’s internal representation appears remarkably similar to a different data type, one from different class, bearing little if any apparent similarity to the input.
P RO M I S E O F A DV E R S A R I A L M AC H I N E S Adversarial Machines are a fascinating area of research They highlight the limitations of current systems and raise a number of interesting questions It helps us to identify vulnerabilities in deep neural networks It helps us to better understand their attack surface and defend them It opens up a new area of Deep Forensics on Neural Computational Systems Examples : Spams,Authentication, malwares, network intrusion, fraud detection etc.
A R E F E R E N C E M O D E L Today we are discussing an innovative method for generating adversarial images that appear perceptually similar to a source image, but whose deep representations mimic the characteristics of natural guide images A Walkthrough on theWorks of : • Sara Sabour • Yanshuai Cao • Fartash Faghri • David J. Fleet Architech Labs,Toronto, Canada , Department of Computer Science, University of Toronto, Canada
ADVERSARIAL IMAGE CONSTRUCTION • Let I(s) and I(g) denote the source and guide images. Let Ø(k) be the mapping from an image to its internal DNN representation at layer K. Our goal is to find a new image, I(a) such that the Euclidean distance between Ø(k)I(s) and Ø(k) I(g) is as small as possible and I(a) remains close to the source I(s). • More precisely, I(a) is defined to be the solution to a constrained optimization problem • I(a) = arg min || Ø(k)I - Ø(k)I(g) || 2 – 2, subject to || I – Is || ∞ < ∂. • The constraint on the distance between I (a) and I (s) is formulated in terms of L∞ norm to limit the maximum deviation of any single pixel color to ∂. • Inspecting the adversarial images, one can see that larger values of ∂ allow more noticeable perturbations . • Interestingly, no natural image was found in which guide image is perceptible in the adversarial image. Nor is there a significant amount of salient structure found in the difference images.Adversarial Images generated from one network are usually misclassified by other networks.
A N A LYS I S O F A DV E R S A R I A L I M AG E I N T E R N A L R E P R E S E N TAT I O N S One successful approach has been to invert the mapping, allowing us to display images reconstructed from internal representation at specific layers While the lower layer representations bear similarity to the source, the upper layers are remarkably similar to the guide. Generally, we find that the internal representations begin to mimic the guide at whatever layer was targeted by the optimization Hence it is interesting to see that the human perception and the internal representation of these adversarial images are clearly incongruent.
D E E P E R A N A LYS I S O N T H E N AT U R E O F A DV E R S A R I A L I M AG E S Intersection of NNs is another useful similarity measure. Two nearby points should also have similar distance to their NNs. To use this measure of similarity, we take the average distance to K NN as a scalar score for a point, and then rank that point along with the true positive training point in its label class This approach is known as feature adversaries via optimization
C O M PA R I S O N O F VA R I O U S A DV E R S E I M AG E G E N E R AT I O N M E T H O D S We are comparing the following four approaches here : • Feature adversaries via optimization • label adversaries via optimization, • label adversaries via fast gradient, • feature adversaries via fast gradient
SPARSITY AND ADVERSARIAL CONSTRUCTION METHODS • If the degree of sparsity increases after the adversarial perturbation, the adversarial example is using extra active paths to manipulate the resulting representation. • We can analyze how much activate units are shared between source and the adversary, as well as guide and adversary, by computing the intersection over union I/U of active units. • If the I/U is high on all layers, the two representations share most active paths • On the other hand, if I/U is low, while the degree of sparsity remains the same, then the adversary must have closed some activation paths
WHY D O W E N E E D A DV E R S A R I A L M A C H I N E S
WHY RANDOMNESS IS IMPORTANT FOR DEEP LEARNING • Random Noise allows neural nets to produce multiple outputs given same instance of input • Random noise limits the amount of information flowing through the network, forcing the network to learn meaningful representations of data. • Random noise provides "exploration energy" for finding better optimization solutions during gradient descent. • Adding Gradient Noise helps to – Helps to void overfitting – Help to lower training loss – Reduction in error rate
TOPIC OF DISCUSSION : DEFENSIVE DISTILLATION • Aiming to reduce the effectiveness of adversarial samples on DNNs. • The study shows that defensive distillation can reduce effectiveness of sample creation from 95% to less than 0.5% on a studied DNN. • Such dramatic gains can be explained by the fact that distillation leads gradients used in adversarial sample creation to be reduced by a factor of 10 30. • Distillation increases the average minimum number of features that need to be modified to create adversarial samples by about 800% on one of the DNNs.
NATURE OF ADVERSARIAL ATTACKS • Inputs are crafted by adding a carefully chosen adversarial perturbation to a legitimate sample. • The resulting sample is not necessarily unnatural, i.e. outside of the training data manifold. • Algorithms crafting adversarial samples are designed to minimize the perturbation, thus making adversarial samples hard to distinguish from legitimate samples. • Attacks based on adversarial samples occur after training is complete and therefore do not require any tampering with the training procedure. • Attacks based on adversarial samples were primarily exploiting gradients computed to estimate the sensitivity of networks to its input dimensions.
ADVERSARIAL DEEP LEARNING • Simple confidence reduction – The aim is to reduce a DNN’s confidence on a prediction, thus introducing class ambiguity • Source-target misclassification – The goal is to be able to take a sample from any source class and alter it so as to have the DNN classify it in any chosen target class distinct from the source class. • Examples : – Potential examples of adversarial samples in realistic contexts could include slightly altering malware executables in order to evade detection systems built using DNNs – adding perturbations to handwritten digits on a check resulting in a DNN wrongly recognizing the digits (for instance, forcing the DNN to read a larger amount than written on the check) – altering a pattern of illegal financial operations to prevent it from being picked up by fraud detections systems using DNNs.
ADVERSARIAL CRAFTING FRAMEWORK
ESSENCE OF DISTILLATION METHOD • Distillation is a training procedure initially designed to train a DNN using knowledge transferred from a different DNN. • The motivation behind the knowledge transfer operated by distillation is to reduce the computational complexity of DNN architectures by transferring knowledge from larger architectures to smaller ones. • This facilitates the deployment of deep learning in resource constrained devices (e.g. smartphones) which cannot rely on powerful GPUs to perform computations.
DEFENSIVE DISTILLATION APPROACH • A new variant of distillation to provide for defense training: instead of transferring knowledge between different architectures, it is proposed to use the knowledge extracted from a DNN to improve its own resilience to adversarial samples. • We can use the knowledge extracted during distillation to reduce the amplitude of network gradients exploited by adversaries to craft adversarial samples. • If adversarial gradients are high, crafting adversarial samples becomes easier because small perturbations will induce high DNN output variations. • To defend against such perturbations, one must therefore reduce variations around the input, and consequently the amplitude of adversarial gradients. • In other words, we use defensive distillation to smooth the model learned by a DNN architecture during training by helping the model generalize better to samples outside of its training dataset.
NEURAL NETWORK DISTILLATION • Distillation is motivated by the end goal of reducing the size of DNN architectures or ensembles of DNN architectures, so as to reduce their computing resource needs, and in turn allow deployment on resource constrained devices like smartphones. • The general intuition behind the technique is to extract class probability vectors produced by a first DNN or an ensemble of DNNs to train a second DNN of reduced dimensionality without loss of accuracy. • This intuition is based on the fact that knowledge acquired by DNNs during training is not only encoded in weight parameters learned by the DNN but is also encoded in the probability vectors produced by the network
DISTILLATION AND NEURAL NETWORK ARCHITECTURE • Distillation extracts class knowledge from these probability vectors to transfer it into a different DNN architecture during training. • To perform this transfer, distillation labels inputs in the training dataset of the second DNN using their classification predictions according to the first DNN. • The probability vectors produced by the first DNN are then used to label the dataset. These new labels are called soft labels as opposed to hard class labels
BUILDING A ROBUST DNN • A robust DNN should – Display good accuracy inside and outside of its training dataset – Model a smooth classifier function (F) which would intuitively classify inputs relatively consistently in the neighborhood of a given sample. – The larger this neighborhood is for all inputs within the natural distribution of samples, the more robust is the DNN. • The higher the average minimum perturbation required to misclassify a sample from the data manifold is, the more robust the DNN is to adversarial samples.
DEFENSE MECHANISM BASED ON THE TRANSFER OF KNOWLEDGE CONTAINED IN PROBABILITY VECTORS THROUGH DISTILLATION
GAN ARCHITECTURE OVERVIEW
PROPOSED BIDIRECTIONAL GAN ARCHITECTURE TO MINIMIZE ADVERSARIAL PERTURBATION EFFECTS Generator Discriminator A Discriminator B Unknown Data VAE Encoder Convex Conjugate Filter Function Convex Conjugate Filter Function
PROPOSED REVISIONS • Introducing Bloom Filters for improving the accuracy of the Discriminators • Julia Fatou Biholomorphic Architecture in the Generator to eliminate adversarial noise • Julia Fatou Bihomomorphic Architecture in the Discriminators to eliminate adversarial noise • Orthogonal function controlled Discriminators to eliminate fake data
MACHINE SENTIENT BEINGS E M E R G E N C E O F B E H AV I O R A L M A C H I N E S
BEHAVIORAL AI – EMERGING FUTURE Creative AI Sentinel AI Hegemonic AI Affectionate AI Subservient AI Sublime AI Cynical AI
M I N - M A X G A M E S Minimax is a kind of backtracking algorithm that is used in decision making and game theory to find the optimal move for a player, assuming that your opponent also plays optimally.
INTRODUCTION TO GAME THEORY • Games are essentially optimization problems with more than one decision maker ( player ) often with conflicting goals. • Involves carving out a subclass of non-convex games by identifying the composition of simple functions as an essential feature common to deep learning architectures • Compositionality is formalized via distributed communication protocols and grammars
ADVERSARIAL NOISE • There exist a constant p > 0 such that for any circuit C there exist a circuit C’ such that – Size (C’) < Size (C) * poly log ( size (C)) – If C’ is implemented with noise p at every gate, then it will implement C correctly with probability > 0.99 (Von Neuman )

Recommended

Deep Learning - A Literature survey
Deep Learning - A Literature surveyDeep Learning - A Literature survey
Deep Learning - A Literature survey
Akshay Hegde
 
Introduction to Deep Learning
Introduction to Deep LearningIntroduction to Deep Learning
Introduction to Deep Learning
Oswald Campesato
 
Deep Learning and the state of AI / 2016
Deep Learning and the state of AI / 2016Deep Learning and the state of AI / 2016
Deep Learning and the state of AI / 2016
Grigory Sapunov
 
Deep learning - Conceptual understanding and applications
Deep learning - Conceptual understanding and applicationsDeep learning - Conceptual understanding and applications
Deep learning - Conceptual understanding and applications
Buhwan Jeong
 
Advance deep learning
Advance deep learningAdvance deep learning
Advance deep learning
aliaKhan71
 
Deep Learning Primer - a brief introduction
Deep Learning Primer - a brief introductionDeep Learning Primer - a brief introduction
Deep Learning Primer - a brief introduction
ananth
 
Deep learning: the future of recommendations
Deep learning: the future of recommendationsDeep learning: the future of recommendations
Deep learning: the future of recommendations
Balázs Hidasi
 
Deep Learning
Deep LearningDeep Learning
Deep Learning
Jun Wang
 

Recommended

Deep Learning - A Literature survey
Deep Learning - A Literature surveyDeep Learning - A Literature survey
Deep Learning - A Literature survey
Akshay Hegde
 
Introduction to Deep Learning
Introduction to Deep LearningIntroduction to Deep Learning
Introduction to Deep Learning
Oswald Campesato
 
Deep Learning and the state of AI / 2016
Deep Learning and the state of AI / 2016Deep Learning and the state of AI / 2016
Deep Learning and the state of AI / 2016
Grigory Sapunov
 
Deep learning - Conceptual understanding and applications
Deep learning - Conceptual understanding and applicationsDeep learning - Conceptual understanding and applications
Deep learning - Conceptual understanding and applications
Buhwan Jeong
 
Advance deep learning
Advance deep learningAdvance deep learning
Advance deep learning
aliaKhan71
 
Deep Learning Primer - a brief introduction
Deep Learning Primer - a brief introductionDeep Learning Primer - a brief introduction
Deep Learning Primer - a brief introduction
ananth
 
Deep learning: the future of recommendations
Deep learning: the future of recommendationsDeep learning: the future of recommendations
Deep learning: the future of recommendations
Balázs Hidasi
 
Deep Learning
Deep LearningDeep Learning
Deep Learning
Jun Wang
 
Neural Networks and Deep Learning
Neural Networks and Deep LearningNeural Networks and Deep Learning
Neural Networks and Deep Learning
Asim Jalis
 
Deep Learning: concepts and use cases (October 2018)
Deep Learning: concepts and use cases (October 2018)Deep Learning: concepts and use cases (October 2018)
Deep Learning: concepts and use cases (October 2018)
Julien SIMON
 
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Turi, Inc.
 
Image Captioning Generator using Deep Machine Learning
Image Captioning Generator using Deep Machine LearningImage Captioning Generator using Deep Machine Learning
Image Captioning Generator using Deep Machine Learning
ijtsrd
 
Deep Learning: Chapter 11 Practical Methodology
Deep Learning: Chapter 11 Practical MethodologyDeep Learning: Chapter 11 Practical Methodology
Deep Learning: Chapter 11 Practical Methodology
Jason Tsai
 
Deep Learning - Convolutional Neural Networks
Deep Learning - Convolutional Neural NetworksDeep Learning - Convolutional Neural Networks
Deep Learning - Convolutional Neural Networks
Christian Perone
 
Deep learning - A Visual Introduction
Deep learning - A Visual IntroductionDeep learning - A Visual Introduction
Deep learning - A Visual Introduction
Lukas Masuch
 
Machine Learning ICS 273A
Machine Learning ICS 273AMachine Learning ICS 273A
Machine Learning ICS 273Abutest
 
Tutorial on Deep Learning
Tutorial on Deep LearningTutorial on Deep Learning
Tutorial on Deep Learning
inside-BigData.com
 
Machine Learning techniques
Machine Learning techniques Machine Learning techniques
Machine Learning techniques Jigar Patel
 
MDEC Data Matters Series: machine learning and Deep Learning, A Primer
MDEC Data Matters Series: machine learning and Deep Learning, A PrimerMDEC Data Matters Series: machine learning and Deep Learning, A Primer
MDEC Data Matters Series: machine learning and Deep Learning, A Primer
Poo Kuan Hoong
 
Model evaluation in the land of deep learning
Model evaluation in the land of deep learningModel evaluation in the land of deep learning
Model evaluation in the land of deep learning
Pramit Choudhary
 
Introduction to Deep learning
Introduction to Deep learningIntroduction to Deep learning
Introduction to Deep learning
Massimiliano Ruocco
 
ML DL AI DS BD - An Introduction
ML DL AI DS BD - An IntroductionML DL AI DS BD - An Introduction
ML DL AI DS BD - An Introduction
Dony Riyanto
 
Yann le cun
Yann le cunYann le cun
Yann le cunYandex
 
Machine Learning, Deep Learning and Data Analysis Introduction
Machine Learning, Deep Learning and Data Analysis IntroductionMachine Learning, Deep Learning and Data Analysis Introduction
Machine Learning, Deep Learning and Data Analysis Introduction
Te-Yen Liu
 
Model Evaluation in the land of Deep Learning
Model Evaluation in the land of Deep LearningModel Evaluation in the land of Deep Learning
Model Evaluation in the land of Deep Learning
Pramit Choudhary
 
An introduction to Deep Learning
An introduction to Deep LearningAn introduction to Deep Learning
An introduction to Deep Learning
David Rostcheck
 
Deep learning in Computer Vision
Deep learning in Computer VisionDeep learning in Computer Vision
Deep learning in Computer Vision
David Dao
 
An Introduction to Deep Learning (April 2018)
An Introduction to Deep Learning (April 2018)An Introduction to Deep Learning (April 2018)
An Introduction to Deep Learning (April 2018)
Julien SIMON
 
GAN Deep Learning Approaches to Image Processing Applications (1).pptx
GAN Deep Learning Approaches to Image Processing Applications (1).pptxGAN Deep Learning Approaches to Image Processing Applications (1).pptx
GAN Deep Learning Approaches to Image Processing Applications (1).pptx
RMDAcademicCoordinat
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
Felipe Prado
 

More Related Content

What's hot

Neural Networks and Deep Learning
Neural Networks and Deep LearningNeural Networks and Deep Learning
Neural Networks and Deep Learning
Asim Jalis
 
Deep Learning: concepts and use cases (October 2018)
Deep Learning: concepts and use cases (October 2018)Deep Learning: concepts and use cases (October 2018)
Deep Learning: concepts and use cases (October 2018)
Julien SIMON
 
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Turi, Inc.
 
Image Captioning Generator using Deep Machine Learning
Image Captioning Generator using Deep Machine LearningImage Captioning Generator using Deep Machine Learning
Image Captioning Generator using Deep Machine Learning
ijtsrd
 
Deep Learning: Chapter 11 Practical Methodology
Deep Learning: Chapter 11 Practical MethodologyDeep Learning: Chapter 11 Practical Methodology
Deep Learning: Chapter 11 Practical Methodology
Jason Tsai
 
Deep Learning - Convolutional Neural Networks
Deep Learning - Convolutional Neural NetworksDeep Learning - Convolutional Neural Networks
Deep Learning - Convolutional Neural Networks
Christian Perone
 
Deep learning - A Visual Introduction
Deep learning - A Visual IntroductionDeep learning - A Visual Introduction
Deep learning - A Visual Introduction
Lukas Masuch
 
Machine Learning ICS 273A
Machine Learning ICS 273AMachine Learning ICS 273A
Machine Learning ICS 273Abutest
 
Tutorial on Deep Learning
Tutorial on Deep LearningTutorial on Deep Learning
Tutorial on Deep Learning
inside-BigData.com
 
Machine Learning techniques
Machine Learning techniques Machine Learning techniques
Machine Learning techniques Jigar Patel
 
MDEC Data Matters Series: machine learning and Deep Learning, A Primer
MDEC Data Matters Series: machine learning and Deep Learning, A PrimerMDEC Data Matters Series: machine learning and Deep Learning, A Primer
MDEC Data Matters Series: machine learning and Deep Learning, A Primer
Poo Kuan Hoong
 
Model evaluation in the land of deep learning
Model evaluation in the land of deep learningModel evaluation in the land of deep learning
Model evaluation in the land of deep learning
Pramit Choudhary
 
Introduction to Deep learning
Introduction to Deep learningIntroduction to Deep learning
Introduction to Deep learning
Massimiliano Ruocco
 
ML DL AI DS BD - An Introduction
ML DL AI DS BD - An IntroductionML DL AI DS BD - An Introduction
ML DL AI DS BD - An Introduction
Dony Riyanto
 
Yann le cun
Yann le cunYann le cun
Yann le cunYandex
 
Machine Learning, Deep Learning and Data Analysis Introduction
Machine Learning, Deep Learning and Data Analysis IntroductionMachine Learning, Deep Learning and Data Analysis Introduction
Machine Learning, Deep Learning and Data Analysis Introduction
Te-Yen Liu
 
Model Evaluation in the land of Deep Learning
Model Evaluation in the land of Deep LearningModel Evaluation in the land of Deep Learning
Model Evaluation in the land of Deep Learning
Pramit Choudhary
 
An introduction to Deep Learning
An introduction to Deep LearningAn introduction to Deep Learning
An introduction to Deep Learning
David Rostcheck
 
Deep learning in Computer Vision
Deep learning in Computer VisionDeep learning in Computer Vision
Deep learning in Computer Vision
David Dao
 
An Introduction to Deep Learning (April 2018)
An Introduction to Deep Learning (April 2018)An Introduction to Deep Learning (April 2018)
An Introduction to Deep Learning (April 2018)
Julien SIMON
 

What's hot (20)

Neural Networks and Deep Learning
Neural Networks and Deep LearningNeural Networks and Deep Learning
Neural Networks and Deep Learning
 
Deep Learning: concepts and use cases (October 2018)
Deep Learning: concepts and use cases (October 2018)Deep Learning: concepts and use cases (October 2018)
Deep Learning: concepts and use cases (October 2018)
 
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
Introduction to Deep Learning for Image Analysis at Strata NYC, Sep 2015
 
Image Captioning Generator using Deep Machine Learning
Image Captioning Generator using Deep Machine LearningImage Captioning Generator using Deep Machine Learning
Image Captioning Generator using Deep Machine Learning
 
Deep Learning: Chapter 11 Practical Methodology
Deep Learning: Chapter 11 Practical MethodologyDeep Learning: Chapter 11 Practical Methodology
Deep Learning: Chapter 11 Practical Methodology
 
Deep Learning - Convolutional Neural Networks
Deep Learning - Convolutional Neural NetworksDeep Learning - Convolutional Neural Networks
Deep Learning - Convolutional Neural Networks
 
Deep learning - A Visual Introduction
Deep learning - A Visual IntroductionDeep learning - A Visual Introduction
Deep learning - A Visual Introduction
 
Machine Learning ICS 273A
Machine Learning ICS 273AMachine Learning ICS 273A
Machine Learning ICS 273A
 
Tutorial on Deep Learning
Tutorial on Deep LearningTutorial on Deep Learning
Tutorial on Deep Learning
 
Machine Learning techniques
Machine Learning techniques Machine Learning techniques
Machine Learning techniques
 
MDEC Data Matters Series: machine learning and Deep Learning, A Primer
MDEC Data Matters Series: machine learning and Deep Learning, A PrimerMDEC Data Matters Series: machine learning and Deep Learning, A Primer
MDEC Data Matters Series: machine learning and Deep Learning, A Primer
 
Model evaluation in the land of deep learning
Model evaluation in the land of deep learningModel evaluation in the land of deep learning
Model evaluation in the land of deep learning
 
Introduction to Deep learning
Introduction to Deep learningIntroduction to Deep learning
Introduction to Deep learning
 
ML DL AI DS BD - An Introduction
ML DL AI DS BD - An IntroductionML DL AI DS BD - An Introduction
ML DL AI DS BD - An Introduction
 
Yann le cun
Yann le cunYann le cun
Yann le cun
 
Machine Learning, Deep Learning and Data Analysis Introduction
Machine Learning, Deep Learning and Data Analysis IntroductionMachine Learning, Deep Learning and Data Analysis Introduction
Machine Learning, Deep Learning and Data Analysis Introduction
 
Model Evaluation in the land of Deep Learning
Model Evaluation in the land of Deep LearningModel Evaluation in the land of Deep Learning
Model Evaluation in the land of Deep Learning
 
An introduction to Deep Learning
An introduction to Deep LearningAn introduction to Deep Learning
An introduction to Deep Learning
 
Deep learning in Computer Vision
Deep learning in Computer VisionDeep learning in Computer Vision
Deep learning in Computer Vision
 
An Introduction to Deep Learning (April 2018)
An Introduction to Deep Learning (April 2018)An Introduction to Deep Learning (April 2018)
An Introduction to Deep Learning (April 2018)
 

Similar to Generational Adversarial Neural Networks - Essential Reference

GAN Deep Learning Approaches to Image Processing Applications (1).pptx
GAN Deep Learning Approaches to Image Processing Applications (1).pptxGAN Deep Learning Approaches to Image Processing Applications (1).pptx
GAN Deep Learning Approaches to Image Processing Applications (1).pptx
RMDAcademicCoordinat
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
Felipe Prado
 
Deep learning
Deep learning Deep learning
Deep learning
Rajgupta258
 
Generative Adversarial Network (GANs).
Generative Adversarial Network (GANs).Generative Adversarial Network (GANs).
Generative Adversarial Network (GANs).
kgandham169
 
Generative Adversarial Network (GAN)
Generative Adversarial Network (GAN)Generative Adversarial Network (GAN)
Generative Adversarial Network (GAN)
Prakhar Rastogi
 
ppt.pdf
ppt.pdfppt.pdf
ppt.pdf
MohanRaj924804
 
Generative Adversarial Networks and Their Applications in Medical Imaging
Generative Adversarial Networks and Their Applications in Medical ImagingGenerative Adversarial Networks and Their Applications in Medical Imaging
Generative Adversarial Networks and Their Applications in Medical Imaging
Sanghoon Hong
 
Deep Generative Modelling
Deep Generative ModellingDeep Generative Modelling
Deep Generative Modelling
Petko Nikolov
 
Automatic Attendace using convolutional neural network Face Recognition
Automatic Attendace using convolutional neural network Face RecognitionAutomatic Attendace using convolutional neural network Face Recognition
Automatic Attendace using convolutional neural network Face Recognition
vatsal199567
 
Face-GAN project report.pptx
Face-GAN project report.pptxFace-GAN project report.pptx
Face-GAN project report.pptx
AndleebFatima16
 
Face-GAN project report
Face-GAN project reportFace-GAN project report
Face-GAN project report
AndleebFatima16
 
Computer vision-nit-silchar-hackathon
Computer vision-nit-silchar-hackathonComputer vision-nit-silchar-hackathon
Computer vision-nit-silchar-hackathon
Aditya Bhattacharya
 
Top 10 deep learning algorithms you should know in
Top 10 deep learning algorithms you should know inTop 10 deep learning algorithms you should know in
Top 10 deep learning algorithms you should know in
AmanKumarSingh97
 
Graph Based Machine Learning with Applications to Media Analytics
Graph Based Machine Learning with Applications to Media AnalyticsGraph Based Machine Learning with Applications to Media Analytics
Graph Based Machine Learning with Applications to Media Analytics
NYC Predictive Analytics
 
Deep learning from a novice perspective
Deep learning from a novice perspectiveDeep learning from a novice perspective
Deep learning from a novice perspective
Anirban Santara
 
Image captioning
Image captioningImage captioning
Image captioning
Muhammad Zbeedat
 
Image classification with Deep Neural Networks
Image classification with Deep Neural NetworksImage classification with Deep Neural Networks
Image classification with Deep Neural Networks
Yogendra Tamang
 
Machine Duping 101: Pwning Deep Learning Systems
Machine Duping 101: Pwning Deep Learning SystemsMachine Duping 101: Pwning Deep Learning Systems
Machine Duping 101: Pwning Deep Learning Systems
Clarence Chio
 
one shot15729752 Deep Learning for AI and DS
one shot15729752 Deep Learning for AI and DSone shot15729752 Deep Learning for AI and DS
one shot15729752 Deep Learning for AI and DS
ManiMaran230751
 
Makine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine Learning
Makine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine LearningMakine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine Learning
Makine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine Learning
Ali Alkan
 

Similar to Generational Adversarial Neural Networks - Essential Reference (20)

GAN Deep Learning Approaches to Image Processing Applications (1).pptx
GAN Deep Learning Approaches to Image Processing Applications (1).pptxGAN Deep Learning Approaches to Image Processing Applications (1).pptx
GAN Deep Learning Approaches to Image Processing Applications (1).pptx
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
 
Deep learning
Deep learning Deep learning
Deep learning
 
Generative Adversarial Network (GANs).
Generative Adversarial Network (GANs).Generative Adversarial Network (GANs).
Generative Adversarial Network (GANs).
 
Generative Adversarial Network (GAN)
Generative Adversarial Network (GAN)Generative Adversarial Network (GAN)
Generative Adversarial Network (GAN)
 
ppt.pdf
ppt.pdfppt.pdf
ppt.pdf
 
Generative Adversarial Networks and Their Applications in Medical Imaging
Generative Adversarial Networks and Their Applications in Medical ImagingGenerative Adversarial Networks and Their Applications in Medical Imaging
Generative Adversarial Networks and Their Applications in Medical Imaging
 
Deep Generative Modelling
Deep Generative ModellingDeep Generative Modelling
Deep Generative Modelling
 
Automatic Attendace using convolutional neural network Face Recognition
Automatic Attendace using convolutional neural network Face RecognitionAutomatic Attendace using convolutional neural network Face Recognition
Automatic Attendace using convolutional neural network Face Recognition
 
Face-GAN project report.pptx
Face-GAN project report.pptxFace-GAN project report.pptx
Face-GAN project report.pptx
 
Face-GAN project report
Face-GAN project reportFace-GAN project report
Face-GAN project report
 
Computer vision-nit-silchar-hackathon
Computer vision-nit-silchar-hackathonComputer vision-nit-silchar-hackathon
Computer vision-nit-silchar-hackathon
 
Top 10 deep learning algorithms you should know in
Top 10 deep learning algorithms you should know inTop 10 deep learning algorithms you should know in
Top 10 deep learning algorithms you should know in
 
Graph Based Machine Learning with Applications to Media Analytics
Graph Based Machine Learning with Applications to Media AnalyticsGraph Based Machine Learning with Applications to Media Analytics
Graph Based Machine Learning with Applications to Media Analytics
 
Deep learning from a novice perspective
Deep learning from a novice perspectiveDeep learning from a novice perspective
Deep learning from a novice perspective
 
Image captioning
Image captioningImage captioning
Image captioning
 
Image classification with Deep Neural Networks
Image classification with Deep Neural NetworksImage classification with Deep Neural Networks
Image classification with Deep Neural Networks
 
Machine Duping 101: Pwning Deep Learning Systems
Machine Duping 101: Pwning Deep Learning SystemsMachine Duping 101: Pwning Deep Learning Systems
Machine Duping 101: Pwning Deep Learning Systems
 
one shot15729752 Deep Learning for AI and DS
one shot15729752 Deep Learning for AI and DSone shot15729752 Deep Learning for AI and DS
one shot15729752 Deep Learning for AI and DS
 
Makine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine Learning
Makine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine LearningMakine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine Learning
Makine Öğrenmesi ile Görüntü Tanıma | Image Recognition using Machine Learning
 

More from Gokul Alex

Blockchain Technology in Banking Services - A Review
Blockchain Technology in Banking Services - A ReviewBlockchain Technology in Banking Services - A Review
Blockchain Technology in Banking Services - A Review
Gokul Alex
 
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDFDEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
Gokul Alex
 
Digital Innovation and Dynamics of Entrepreneurship
Digital Innovation and Dynamics of Entrepreneurship Digital Innovation and Dynamics of Entrepreneurship
Digital Innovation and Dynamics of Entrepreneurship
Gokul Alex
 
Decentralised AI and Distributed Ledgers - An Introduction
Decentralised AI and Distributed Ledgers - An IntroductionDecentralised AI and Distributed Ledgers - An Introduction
Decentralised AI and Distributed Ledgers - An Introduction
Gokul Alex
 
R3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsR3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and Components
Gokul Alex
 
Covid19 ContactTracing - Privacy Preserving Proximity Protocols
Covid19 ContactTracing - Privacy Preserving Proximity ProtocolsCovid19 ContactTracing - Privacy Preserving Proximity Protocols
Covid19 ContactTracing - Privacy Preserving Proximity Protocols
Gokul Alex
 
Cybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way ForwardCybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way Forward
Gokul Alex
 
Creative Careers for Post Pandemic Times
Creative Careers for Post Pandemic TimesCreative Careers for Post Pandemic Times
Creative Careers for Post Pandemic Times
Gokul Alex
 
Imagining Intelligent Information Machines for 2020
Imagining Intelligent Information Machines for 2020Imagining Intelligent Information Machines for 2020
Imagining Intelligent Information Machines for 2020
Gokul Alex
 
Blockchain Essentials for Business Leaders - Value Propositions and Advantage...
Blockchain Essentials for Business Leaders - Value Propositions and Advantage...Blockchain Essentials for Business Leaders - Value Propositions and Advantage...
Blockchain Essentials for Business Leaders - Value Propositions and Advantage...
Gokul Alex
 
A Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic ConceptsA Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic Concepts
Gokul Alex
 
Applying Blockchain Technology for Digital Transformation
Applying Blockchain Technology for Digital TransformationApplying Blockchain Technology for Digital Transformation
Applying Blockchain Technology for Digital Transformation
Gokul Alex
 
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...
Gokul Alex
 
Decentralised AI through Distributed Ledger Technologies
Decentralised AI through Distributed Ledger Technologies Decentralised AI through Distributed Ledger Technologies
Decentralised AI through Distributed Ledger Technologies
Gokul Alex
 
Cloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and TechniquesCloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and Techniques
Gokul Alex
 
Quantum Computing - A History in the Making
Quantum Computing - A History in the Making Quantum Computing - A History in the Making
Quantum Computing - A History in the Making
Gokul Alex
 
Future of Education through Exponential and Emerging Technologies
Future of Education through Exponential and Emerging TechnologiesFuture of Education through Exponential and Emerging Technologies
Future of Education through Exponential and Emerging Technologies
Gokul Alex
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
Gokul Alex
 
Introduction to Blockchain Business Models
Introduction to Blockchain Business ModelsIntroduction to Blockchain Business Models
Introduction to Blockchain Business Models
Gokul Alex
 
Blockchain and Cryptography - A Primer
Blockchain and Cryptography - A PrimerBlockchain and Cryptography - A Primer
Blockchain and Cryptography - A Primer
Gokul Alex
 

More from Gokul Alex (20)

Blockchain Technology in Banking Services - A Review
Blockchain Technology in Banking Services - A ReviewBlockchain Technology in Banking Services - A Review
Blockchain Technology in Banking Services - A Review
 
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDFDEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
 
Digital Innovation and Dynamics of Entrepreneurship
Digital Innovation and Dynamics of Entrepreneurship Digital Innovation and Dynamics of Entrepreneurship
Digital Innovation and Dynamics of Entrepreneurship
 
Decentralised AI and Distributed Ledgers - An Introduction
Decentralised AI and Distributed Ledgers - An IntroductionDecentralised AI and Distributed Ledgers - An Introduction
Decentralised AI and Distributed Ledgers - An Introduction
 
R3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsR3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and Components
 
Covid19 ContactTracing - Privacy Preserving Proximity Protocols
Covid19 ContactTracing - Privacy Preserving Proximity ProtocolsCovid19 ContactTracing - Privacy Preserving Proximity Protocols
Covid19 ContactTracing - Privacy Preserving Proximity Protocols
 
Cybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way ForwardCybersecurity Context in African Continent - Way Forward
Cybersecurity Context in African Continent - Way Forward
 
Creative Careers for Post Pandemic Times
Creative Careers for Post Pandemic TimesCreative Careers for Post Pandemic Times
Creative Careers for Post Pandemic Times
 
Imagining Intelligent Information Machines for 2020
Imagining Intelligent Information Machines for 2020Imagining Intelligent Information Machines for 2020
Imagining Intelligent Information Machines for 2020
 
Blockchain Essentials for Business Leaders - Value Propositions and Advantage...
Blockchain Essentials for Business Leaders - Value Propositions and Advantage...Blockchain Essentials for Business Leaders - Value Propositions and Advantage...
Blockchain Essentials for Business Leaders - Value Propositions and Advantage...
 
A Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic ConceptsA Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic Concepts
 
Applying Blockchain Technology for Digital Transformation
Applying Blockchain Technology for Digital TransformationApplying Blockchain Technology for Digital Transformation
Applying Blockchain Technology for Digital Transformation
 
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...
 
Decentralised AI through Distributed Ledger Technologies
Decentralised AI through Distributed Ledger Technologies Decentralised AI through Distributed Ledger Technologies
Decentralised AI through Distributed Ledger Technologies
 
Cloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and TechniquesCloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and Techniques
 
Quantum Computing - A History in the Making
Quantum Computing - A History in the Making Quantum Computing - A History in the Making
Quantum Computing - A History in the Making
 
Future of Education through Exponential and Emerging Technologies
Future of Education through Exponential and Emerging TechnologiesFuture of Education through Exponential and Emerging Technologies
Future of Education through Exponential and Emerging Technologies
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
 
Introduction to Blockchain Business Models
Introduction to Blockchain Business ModelsIntroduction to Blockchain Business Models
Introduction to Blockchain Business Models
 
Blockchain and Cryptography - A Primer
Blockchain and Cryptography - A PrimerBlockchain and Cryptography - A Primer
Blockchain and Cryptography - A Primer
 

Recently uploaded

Fundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptxFundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptx
manasideore6
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
Kamal Acharya
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
gestioneergodomus
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
Intella Parts
 
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERSCW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
veerababupersonal22
 
ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
Vijay Dialani, PhD
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
AJAYKUMARPUND1
 
Hierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power SystemHierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power System
Kerry Sado
 
Basic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparelBasic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparel
top1002
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
thanhdowork
 
Cosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdfCosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdf
Kamal Acharya
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
gerogepatton
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
Kamal Acharya
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
gdsczhcet
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
aqil azizi
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
MdTanvirMahtab2
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Sreedhar Chowdam
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
fxintegritypublishin
 

Recently uploaded (20)

Fundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptxFundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptx
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
 
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERSCW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
 
ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
 
Hierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power SystemHierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power System
 
Basic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparelBasic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparel
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
 
Cosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdfCosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdf
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
 

Generational Adversarial Neural Networks - Essential Reference

  • 1. ADVERSARIAL MACHINES G O K U L A L E X , U S T G L O B A L
  • 2. TA X O N O M Y O F M AC H I N E L E A R N I N G Supervised learning Unsupervised learning Reinforcement learning • Supervised learning • Find deterministic function • F : y = f(x), x : data, y : label • Higher dimensional data • Feature vectors are needed • Unsupervised learning • Find deterministic function • Z = f (x), x : data, z: latent • Generative Model • Find generation function g; • X = g(z), x : data, z : latent Semi- Supervised learning
  • 3. SUPERVISORY LEARNING - RECAP • Labelled data • Algorithms try to predict an output value based on a given input • Examples include : – Classification algorithms such as SVM – Regression algorithms such as Linear Regression
  • 7. UNSUPERVISED LEARNING - RECAP • Unlabeled Data • Algorithms try to discover hidden structures in the data • Examples include – Clustering Algorithms such as K-means – Generative Models such as GAN
  • 8. DISCRIMINATIVE MODELS • Learns a function that maps the input x into an output y • Conditional probability P (y/x) • Classification Algorithms such as SVM
  • 9. GENERATIVE MODELS • Tries to learn a joint probability of the input x and the output y at the sametime • Joint probability P ( x, y ) • Generative Statistical Models such as Latent Drichlet Allocation
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42.
  • 47. N AT U R E O F VA R I AT I O N A L AU TO E N C O D E R S The encoder becomes aVariational inference network, mapping observed inputs to (approximate) posterior distributions over latent space The decoder becomes a generative network, capable of mapping arbitrary latent coordinates back to distributions over the original data space.
  • 48. BEYOND MACHINE INTELLIGENCE : TWO PATHWAYS • Currently there are two main approaches to generating images using artificial intelligence – Boltzmann Machine – Generative Adversarial Neural Networks ( GAN) • GAN pits two neural networks against one another in order to improve their generation of photorealistic images. • In GAN, there is a generator which produces fake images, and a discriminator, which differentiates the fake images from the real ones.They train together: the discriminator processes the variations between the real and the fake images and informs the generator on how to produce more accurate fake images. – Variational Auto Encoding (VAE) • VAE has strong ability to generate diverse set of images • Essentially autoencoder performs a dimensionality reduction in your data set. – Some researchers have combinedVAE and GAN into a hybrid for an improved generative model
  • 49. GOOGLE DEEP DREAM • http://psychic-vr-lab.com/deepdream/pics/1175065.html • Find and enhance patterns in images via algorithmic pareidolla • Images are deliberately over processed • Deep dream software originates in a deep convolutional network code named ‘Inception’ • Developed for ImageNet large scale visual recognition challenge
  • 50. WHAT IS DEEP DREAMING ? • A good approach to deep neural network visualization or digital aesthetics construction • Generation of images that produces desired activations in a trained deep network • This can be used for visualizations to understand the emergent structure of the neural network better, and is the basis for the DeepDream concept. • The optimization resembles Backpropagation, however instead of adjusting the network weights, the weights are held fixed and the input is adjusted.
  • 51. LET’S TALK ABOUT DEEP DREAM A Computer vision program from google which uses cnn
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57. DEEP DREAM - INFERENCES • Once trained, the network can also be run in reverse, being asked to adjust the original image slightly so that a given output neuron (e.g. the one for faces or certain animals) yields a higher confidence score. • However, after enough reiterations, even imagery initially devoid of the sought features will be adjusted enough that a form of pareidolia results, by which psychedelic and surreal images are generated algorithmically. • Applying gradient descent independently to each pixel of the input produces images in which adjacent pixels have little relation and thus the image has too much high frequency information. • The generated images can be greatly improved by including a prior or regularizer that prefers inputs that have natural image statistics (without a preference for any particular image), or are simply smooth.The total variation regularizer prefers images that are piecewise constant.
  • 58. D E E P D R E A M F R AC TA L S Applying Deep Dream to 2K footage Building custom hardware rigs Designing tools for rapid iteration Deep UI Exploring Hyper parameters This is a true industrial scale neural network based music video This paradigm is called Creative AI
  • 59. ARCHETYPES IN ADVERSARIAL MACHINES • Conditional GAN • Bidirectional GAN • Semi Supervised GAN • Info GAN • Auxiliary Classified GAN
  • 60. NATURE OF ADVERSARIAL IMAGES • Research on adversarial images to date has focused on disrupting classification, i.e., producing images classified with labels that are patently inconsistent with human perception. • Specifically, given a source image, a target (guide) image, and a trained DNN, we find small perturbations to the source image that cause the representation on a specified layer (or above) to be remarkably similar to that of the guide image, and hence far from that of the source. • Deep representations of such adversarial images are not outliers per se, rather, they appear generic, indistinguishable from representations of natural images
  • 61. EVOLUTIONARY ALGORITHMS AND ADVERSARIAL IMAGES • Evolutionary algorithms has been used to generate images comprising of 2D patterns that are classified by DNNs as common objects with high confidence • Such adversarial images are quite different from the natural images which are used as training data • Because natural images only occupy a small volume of the space of all possible images, it is not surprising that discriminative DNNs trained on natural images have trouble coping with such out of sample data.
  • 62. ANALYSIS OF APPARENT QUASI- NATURAL ADVERSARIAL IMAGES • We need to use gradient based optimization on the classification loss with respect to the image perturbation – The magnitude of the perturbation is penalized to ensure that the perturbation is not perceptually salient – Given an Image I, a DNN Classifier f, and an erroneous label L, they find the perturbation e that minimizes loss ( f ( I + e ) L ) + c || e || 2. – c will be chosen to fins the smallest e that achieves f ( I + e ) = L – Resulting adversarial images occupy low probability pockets in the manifold, acting like blind spots to the DNN – Ian Goodfellow et. al showed that adversarial images are more common and can be found by taking steps in the direction of gradient of loss ( f ( I + e ) , L ) – Ian Goodfellow et.al showed that adversarial images exist for other models, including linear classifiers – They argue that the problems arises when the models are too linear
  • 63. WHAT I S T H E WAY A H E A D ?
  • 64. L I M I TAT I O N S O F D E E P N E U R A L N E T S Deep Neural Nets for image classification can be circumvented One such category of adversarial images is designed to disrupt image classification They raise questions about the nature of learned representations Interestingly adversarial images can be harnessed for improved learning algorithms that exhibit improved robustness and better generalization
  • 65. A DV E R S A R I A L A . I . It’s a common sci-fi theme : Robot v/s Robot A series of published research papers has produced evidence that Convolutional Neural Networks can be fooled
  • 66. A DV E R S A R I A L N O I S E Adversaries can craft particular inputs, named adversarial samples, leading models to produce an output behavior of their choice, such as misclassification. Inputs are crafted by adding a carefully chosen adversarial perturbation to a legitimate sample. The resulting sample is not necessarily unnatural, i.e. outside of the training data manifold.Algorithms crafting adversarial samples are designed to minimize the perturbation, thus making adversarial samples hard to distinguish from legitimate samples. Attacks based on adversarial samples occur after training is complete and therefore, do not require any tampering with the training procedure.
  • 67. P O S S I B L E C O N S E Q U E N C E S Recent studies have shown that deep learning, like other machine learning techniques, is vulnerable to adversarial samples: inputs crafted to force a deep neural network (DNN) to provide adversary-selected outputs. Such attacks can seriously undermine the security of the system supported by the DNN, sometimes with devastating consequences. For example, autonomous vehicles can be crashed, illicit or illegal content can bypass content filters, or biometric authentication systems can be manipulated to allow improper access.
  • 68. D E F I N I N G F E AT U R E S O F A DV E R S A R I A L M AC H I N E S Designed to tackle situations with imperfect knowledge. Consist of competing neural networks A closed form loss function is not required. Some systems have the capability to discover its own loss function Adversarial Learning Finding a Nash Equilibrium to a two player non-cooperative game Adversary DataTypes While Adversary is perceptually similar to one data type, it’s internal representation appears remarkably similar to a different data type, one from different class, bearing little if any apparent similarity to the input.
  • 69. P RO M I S E O F A DV E R S A R I A L M AC H I N E S Adversarial Machines are a fascinating area of research They highlight the limitations of current systems and raise a number of interesting questions It helps us to identify vulnerabilities in deep neural networks It helps us to better understand their attack surface and defend them It opens up a new area of Deep Forensics on Neural Computational Systems Examples : Spams,Authentication, malwares, network intrusion, fraud detection etc.
  • 70.
  • 71. A R E F E R E N C E M O D E L Today we are discussing an innovative method for generating adversarial images that appear perceptually similar to a source image, but whose deep representations mimic the characteristics of natural guide images A Walkthrough on theWorks of : • Sara Sabour • Yanshuai Cao • Fartash Faghri • David J. Fleet Architech Labs,Toronto, Canada , Department of Computer Science, University of Toronto, Canada
  • 72. ADVERSARIAL IMAGE CONSTRUCTION • Let I(s) and I(g) denote the source and guide images. Let Ø(k) be the mapping from an image to its internal DNN representation at layer K. Our goal is to find a new image, I(a) such that the Euclidean distance between Ø(k)I(s) and Ø(k) I(g) is as small as possible and I(a) remains close to the source I(s). • More precisely, I(a) is defined to be the solution to a constrained optimization problem • I(a) = arg min || Ø(k)I - Ø(k)I(g) || 2 – 2, subject to || I – Is || ∞ < ∂. • The constraint on the distance between I (a) and I (s) is formulated in terms of L∞ norm to limit the maximum deviation of any single pixel color to ∂. • Inspecting the adversarial images, one can see that larger values of ∂ allow more noticeable perturbations . • Interestingly, no natural image was found in which guide image is perceptible in the adversarial image. Nor is there a significant amount of salient structure found in the difference images.Adversarial Images generated from one network are usually misclassified by other networks.
  • 73. A N A LYS I S O F A DV E R S A R I A L I M AG E I N T E R N A L R E P R E S E N TAT I O N S One successful approach has been to invert the mapping, allowing us to display images reconstructed from internal representation at specific layers While the lower layer representations bear similarity to the source, the upper layers are remarkably similar to the guide. Generally, we find that the internal representations begin to mimic the guide at whatever layer was targeted by the optimization Hence it is interesting to see that the human perception and the internal representation of these adversarial images are clearly incongruent.
  • 74. D E E P E R A N A LYS I S O N T H E N AT U R E O F A DV E R S A R I A L I M AG E S Intersection of NNs is another useful similarity measure. Two nearby points should also have similar distance to their NNs. To use this measure of similarity, we take the average distance to K NN as a scalar score for a point, and then rank that point along with the true positive training point in its label class This approach is known as feature adversaries via optimization
  • 75. C O M PA R I S O N O F VA R I O U S A DV E R S E I M AG E G E N E R AT I O N M E T H O D S We are comparing the following four approaches here : • Feature adversaries via optimization • label adversaries via optimization, • label adversaries via fast gradient, • feature adversaries via fast gradient
  • 76. SPARSITY AND ADVERSARIAL CONSTRUCTION METHODS • If the degree of sparsity increases after the adversarial perturbation, the adversarial example is using extra active paths to manipulate the resulting representation. • We can analyze how much activate units are shared between source and the adversary, as well as guide and adversary, by computing the intersection over union I/U of active units. • If the I/U is high on all layers, the two representations share most active paths • On the other hand, if I/U is low, while the degree of sparsity remains the same, then the adversary must have closed some activation paths
  • 77. WHY D O W E N E E D A DV E R S A R I A L M A C H I N E S
  • 78. WHY RANDOMNESS IS IMPORTANT FOR DEEP LEARNING • Random Noise allows neural nets to produce multiple outputs given same instance of input • Random noise limits the amount of information flowing through the network, forcing the network to learn meaningful representations of data. • Random noise provides "exploration energy" for finding better optimization solutions during gradient descent. • Adding Gradient Noise helps to – Helps to void overfitting – Help to lower training loss – Reduction in error rate
  • 79. TOPIC OF DISCUSSION : DEFENSIVE DISTILLATION • Aiming to reduce the effectiveness of adversarial samples on DNNs. • The study shows that defensive distillation can reduce effectiveness of sample creation from 95% to less than 0.5% on a studied DNN. • Such dramatic gains can be explained by the fact that distillation leads gradients used in adversarial sample creation to be reduced by a factor of 10 30. • Distillation increases the average minimum number of features that need to be modified to create adversarial samples by about 800% on one of the DNNs.
  • 80. NATURE OF ADVERSARIAL ATTACKS • Inputs are crafted by adding a carefully chosen adversarial perturbation to a legitimate sample. • The resulting sample is not necessarily unnatural, i.e. outside of the training data manifold. • Algorithms crafting adversarial samples are designed to minimize the perturbation, thus making adversarial samples hard to distinguish from legitimate samples. • Attacks based on adversarial samples occur after training is complete and therefore do not require any tampering with the training procedure. • Attacks based on adversarial samples were primarily exploiting gradients computed to estimate the sensitivity of networks to its input dimensions.
  • 81. ADVERSARIAL DEEP LEARNING • Simple confidence reduction – The aim is to reduce a DNN’s confidence on a prediction, thus introducing class ambiguity • Source-target misclassification – The goal is to be able to take a sample from any source class and alter it so as to have the DNN classify it in any chosen target class distinct from the source class. • Examples : – Potential examples of adversarial samples in realistic contexts could include slightly altering malware executables in order to evade detection systems built using DNNs – adding perturbations to handwritten digits on a check resulting in a DNN wrongly recognizing the digits (for instance, forcing the DNN to read a larger amount than written on the check) – altering a pattern of illegal financial operations to prevent it from being picked up by fraud detections systems using DNNs.
  • 83. ESSENCE OF DISTILLATION METHOD • Distillation is a training procedure initially designed to train a DNN using knowledge transferred from a different DNN. • The motivation behind the knowledge transfer operated by distillation is to reduce the computational complexity of DNN architectures by transferring knowledge from larger architectures to smaller ones. • This facilitates the deployment of deep learning in resource constrained devices (e.g. smartphones) which cannot rely on powerful GPUs to perform computations.
  • 84. DEFENSIVE DISTILLATION APPROACH • A new variant of distillation to provide for defense training: instead of transferring knowledge between different architectures, it is proposed to use the knowledge extracted from a DNN to improve its own resilience to adversarial samples. • We can use the knowledge extracted during distillation to reduce the amplitude of network gradients exploited by adversaries to craft adversarial samples. • If adversarial gradients are high, crafting adversarial samples becomes easier because small perturbations will induce high DNN output variations. • To defend against such perturbations, one must therefore reduce variations around the input, and consequently the amplitude of adversarial gradients. • In other words, we use defensive distillation to smooth the model learned by a DNN architecture during training by helping the model generalize better to samples outside of its training dataset.
  • 85. NEURAL NETWORK DISTILLATION • Distillation is motivated by the end goal of reducing the size of DNN architectures or ensembles of DNN architectures, so as to reduce their computing resource needs, and in turn allow deployment on resource constrained devices like smartphones. • The general intuition behind the technique is to extract class probability vectors produced by a first DNN or an ensemble of DNNs to train a second DNN of reduced dimensionality without loss of accuracy. • This intuition is based on the fact that knowledge acquired by DNNs during training is not only encoded in weight parameters learned by the DNN but is also encoded in the probability vectors produced by the network
  • 86. DISTILLATION AND NEURAL NETWORK ARCHITECTURE • Distillation extracts class knowledge from these probability vectors to transfer it into a different DNN architecture during training. • To perform this transfer, distillation labels inputs in the training dataset of the second DNN using their classification predictions according to the first DNN. • The probability vectors produced by the first DNN are then used to label the dataset. These new labels are called soft labels as opposed to hard class labels
  • 87. BUILDING A ROBUST DNN • A robust DNN should – Display good accuracy inside and outside of its training dataset – Model a smooth classifier function (F) which would intuitively classify inputs relatively consistently in the neighborhood of a given sample. – The larger this neighborhood is for all inputs within the natural distribution of samples, the more robust is the DNN. • The higher the average minimum perturbation required to misclassify a sample from the data manifold is, the more robust the DNN is to adversarial samples.
  • 88. DEFENSE MECHANISM BASED ON THE TRANSFER OF KNOWLEDGE CONTAINED IN PROBABILITY VECTORS THROUGH DISTILLATION
  • 90. PROPOSED BIDIRECTIONAL GAN ARCHITECTURE TO MINIMIZE ADVERSARIAL PERTURBATION EFFECTS Generator Discriminator A Discriminator B Unknown Data VAE Encoder Convex Conjugate Filter Function Convex Conjugate Filter Function
  • 91. PROPOSED REVISIONS • Introducing Bloom Filters for improving the accuracy of the Discriminators • Julia Fatou Biholomorphic Architecture in the Generator to eliminate adversarial noise • Julia Fatou Bihomomorphic Architecture in the Discriminators to eliminate adversarial noise • Orthogonal function controlled Discriminators to eliminate fake data
  • 92. MACHINE SENTIENT BEINGS E M E R G E N C E O F B E H AV I O R A L M A C H I N E S
  • 93. BEHAVIORAL AI – EMERGING FUTURE Creative AI Sentinel AI Hegemonic AI Affectionate AI Subservient AI Sublime AI Cynical AI
  • 94. M I N - M A X G A M E S Minimax is a kind of backtracking algorithm that is used in decision making and game theory to find the optimal move for a player, assuming that your opponent also plays optimally.
  • 95. INTRODUCTION TO GAME THEORY • Games are essentially optimization problems with more than one decision maker ( player ) often with conflicting goals. • Involves carving out a subclass of non-convex games by identifying the composition of simple functions as an essential feature common to deep learning architectures • Compositionality is formalized via distributed communication protocols and grammars
  • 96. ADVERSARIAL NOISE • There exist a constant p > 0 such that for any circuit C there exist a circuit C’ such that – Size (C’) < Size (C) * poly log ( size (C)) – If C’ is implemented with noise p at every gate, then it will implement C correctly with probability > 0.99 (Von Neuman )