An empirical study on robustness of DNNs with out-of-distribution awareness

Lingjun Zhou, Bing Yu, David Berend, Xiaofei Xie, Xiaohong Li, Jianjun Zhao, Xusheng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The state-of-the-art deep neural network (DNN) achieves impressive performance on the input that is similar to training data. However, it fails to make reasonable decisions on the input that is quite different from training data, i.e., out-of-distribution (OOD) examples. Although many techniques have been proposed to detect OOD examples in recent years, it is still a lack of a systematic study about the effectiveness and robustness of different techniques as well as the performance of OOD-aware DNN models. In this paper, we conduct a comprehensive study to unveil the mystery of current OOD detection techniques, and investigate the differences between OOD-unaware/-aware DNNs in model performance, robustness, and uncertainty. We first compare the effectiveness of existing detection techniques and identify the best one. Then, evasion attacks are performed to evaluate the robustness of techniques. Furthermore, we compare the accuracy and robustness between OOD-unaware/-aware DNNs. At last, we study the uncertainty of different models on various kinds of data. Empirical results show OOD-aware detection modules have better performance and are more robust against random noises and evasion attacks. OOD-awareness seldom degrades the accuracy of DNN models in training/test datasets. In contrast, it makes the DNN model more robust against adversarial attacks and noisy inputs. Our study calls for attention to the development of OOD-aware DNN models and the necessity to take data distribution into account when robust and reliable DNN models are desired.

Original languageEnglish
Title of host publicationProceedings - 2020 27th Asia-Pacific Software Engineering Conference, APSEC 2020
PublisherIEEE Computer Society
Pages266-275
Number of pages10
ISBN (Electronic)9781728195537
DOIs
Publication statusPublished - Dec 2020
Event27th Asia-Pacific Software Engineering Conference, APSEC 2020 - Singapore, Singapore
Duration: Dec 1 2020Dec 4 2020

Publication series

NameProceedings - Asia-Pacific Software Engineering Conference, APSEC
Volume2020-December
ISSN (Print)1530-1362

Conference

Conference27th Asia-Pacific Software Engineering Conference, APSEC 2020
CountrySingapore
CitySingapore
Period12/1/2012/4/20

All Science Journal Classification (ASJC) codes

  • Software

Fingerprint Dive into the research topics of 'An empirical study on robustness of DNNs with out-of-distribution awareness'. Together they form a unique fingerprint.

Cite this