Detecting adversarial manipulation using inductive Venn-ABERS predictors

Jonathan Peck (UGent), Bart Goossens (UGent) and Yvan Saeys (UGent)
Abstract
Inductive Venn-ABERS predictors (IVAPs) are a type of probabilistic predictor with the theoretical guarantee that their predictions are perfectly calibrated. In this paper, we propose to exploit this calibration property for the detection of adversarial examples in binary classification tasks. By rejecting predictions if the uncertainty of the IVAP is too high, we obtain an algorithm that is both accurate on the original test set and resistant to adversarial examples. This robustness is observed on adversarials for the underlying model as well as adversarials that were generated by taking the IVAP into account. The method appears to offer competitive robustness compared to the state of the art in adversarial defense, yet it is computationally much more tractable.
Keywords
Cognitive Neuroscience, Artificial Intelligence, Computer Science Applications

Downloads

  • 1-s2.0-S0925231220305087-main.pdf
    • full text (Accepted manuscript) | open access | PDF | 3.98 MB

Citation

Please use this url to cite or link to this publication:

MLA
Peck, Jonathan, et al. “Detecting Adversarial Manipulation Using Inductive Venn-ABERS Predictors.” Neurocomputing, ELSEVIER, 2020.
APA
Peck, J., Goossens, B., & Saeys, Y. (2020). Detecting adversarial manipulation using inductive Venn-ABERS predictors. Neurocomputing.
Chicago author-date
Peck, Jonathan, Bart Goossens, and Yvan Saeys. 2020. “Detecting Adversarial Manipulation Using Inductive Venn-ABERS Predictors.” Neurocomputing.
Vancouver
1. Peck J, Goossens B, Saeys Y. Detecting adversarial manipulation using inductive Venn-ABERS predictors. Neurocomputing. 2020;
IEEE
[1] J. Peck, B. Goossens, and Y. Saeys, “Detecting adversarial manipulation using inductive Venn-ABERS predictors,” Neurocomputing, 2020.
@article{8658357,
  abstract     = {Inductive Venn-ABERS predictors (IVAPs) are a type of probabilistic predictors with the theoretical guarantee that their predictions are perfectly calibrated. In this paper, we propose to exploit this calibration property for the detection of adversarial examples in binary classification tasks. By rejecting predictions if the uncertainty of the IVAP is too high, we obtain an algorithm that is both accurate on the original test set and resistant to adversarial examples. This robustness is observed on adversarials for the underlying model as well as adversarials that were generated by taking the IVAP into account. The method appears to offer competitive robustness compared to the state-of-the-art in adversarial defense yet it is computationally much more tractable.},
  author       = {Peck, Jonathan and Goossens, Bart and Saeys, Yvan},
  issn         = {0925-2312},
  journal      = {Neurocomputing},
  keywords     = {Cognitive Neuroscience,Artificial Intelligence,Computer Science Applications},
  language     = {eng},
  publisher    = {ELSEVIER},
  title        = {Detecting adversarial manipulation using inductive Venn-ABERS predictors},
  url          = {http://dx.doi.org/10.1016/j.neucom.2019.11.113},
  year         = {2020},
}
