时 间:2021年11月25日(周四)13:00-14:30
地 点:腾讯会议:688 676 063
题 目:Adversarial Image Generation and Training for Deep Neural Networks
主讲人:谌自奇 华东师范大学研究员
主持人:方方 教授
主 办:统计与数据科学前沿理论及应用教育部重点实验室
摘 要:
Deep neural networks (DNNs) have achieved great success in image classification, but can be very vulnerable to adversarial attacks with small perturbations to images. Moreover, the adversarial training based on adversarial image samples has been shown to improve the robustness and generalization of DNNs. To improve adversarial image generation and training for DNNs, we develop a novel method, called mFI-PSO, which utilizes a Manifold-based First-order Influence measure for vulnerable image/pixel selection and the Particle Swarm Optimization for various objective functions. Our mFI-PSO can thus effectively design adversarial images with flexible, customized options on the number of perturbed pixels, the misclassification probability, and the targeted incorrect class. The mFI-PSO can further improve DNNs in training with the adversarial images crafted from an “intrinsic” perturbation manifold, thereby exhibiting an enhanced adversarial defense in testing. Experiments demonstrate the flexibility and effectiveness of our mFI-PSO in adversarial attacks and training and its appealing advantages over some popular methods.
报告人简介:
谌自奇,华东师范大学紫江青年研究员,博士生导师。研究方向包含高维统计分析、函数型(纵向)数据分析、基于剖面似然的统计推断、生存分析、机器学习、神经网络等。主持国家自然科学基金面上项目1项、国家自然科学基金青年项目1项、上海市自然科学基金1项、湖南省自然科学基金项目1项、获得中国博士后面上和特别资助。他以第一作者或者通讯作者在JASA, Biometric, Statistica Sinica等统计学权威期刊发表(接收)论文10多篇。