[論文閱讀筆記]The Limitations of Deep Learning in Adversarial Settings

論文題目:The Limitations of Deep Learning in Adversarial Settings
論文地址:https://arxiv.org/abs/1511.07528

JSMA


算法的主要步驟有以下三個:

  1. 計算前向導數(shù)J_F(X^*);
  2. 基于前向導數(shù)構造雅可比顯著圖S
  3. 利用\theta修改輸入特征i_{max}。

Step 1. 計算前向導數(shù)J_F(X^*)

\mathbf{F}_{j}(\mathbf{X})=f_{n+1, j}\left(\mathbf{W}_{n+1, j} \cdot \mathbf{H}_{n}+b_{n+1, j}\right)Thus, we apply the chain rule again to obtain:
\begin{aligned} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial x_{i}}=&\left(\mathbf{W}_{n+1, j} \cdot \frac{\partial \mathbf{H}_{n}}{\partial x_{i}}\right) \times \frac{\partial f_{n+1, j}}{\partial x_{i}}\left(\mathbf{W}_{n+1, j} \cdot \mathbf{H}_{n}+b_{n+1, j}\right) \end{aligned}

Step 2. 構造雅可比顯著圖S

增大輸入特征S(\mathbf{X}, t)[i]=\left\{\begin{array}{l} 0 \text { if } \frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}_{i}}<0 \text { or } \sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}>0 \\ \left(\frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right)\left|\sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right| \text { otherwise } \end{array}\right.
減小輸入特征
S(\mathbf{X}, t)[i]=\left\{\begin{array}{l} 0 \text { if } \frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}}>0 \text { or } \sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}<0 \\ \left|\frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right|\left(\sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right) \text { otherwise } \end{array}\right.

Step 3. 利用\theta修改輸入特征i_{max}

參考

知乎-[論文筆記] The Limitations of Deep Learning in Adversarial Settings
CSDN-ZQL[論文閱讀筆記]The Limitations of Deep Learning in Adversarial Settings
關于The Limitations of Deep Learning in Adversarial Settings的理解

?著作權歸作者所有,轉載或內容合作請聯(lián)系作者
【社區(qū)內容提示】社區(qū)部分內容疑似由AI輔助生成,瀏覽時請結合常識與多方信息審慎甄別。
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發(fā)布,文章內容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

相關閱讀更多精彩內容

友情鏈接更多精彩內容