Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Recent research has shown that deep convolutional neural networks (DCNN) are vulnerable to several different types of attacks while the reasons of such vulnerability are still under investigation. For instance, the adversarial perturbations can conduct a slight change on a natural image to make the target DCNN make the wrong recognition, while the reasons that DCNN is sensitive to such small modification are divergent from one research to another. In this paper, we evaluate the robustness of two commonly used activation functions of DCNN, namely the sigmoid and ReLu, against the recently proposed low-dimensional one-pixel attack. We show that the choosing of activation functions can be an important factor that influences the robustness of DCNN. The results show that comparing with sigmoid, the ReLu non-linearity is more vulnerable which allows the low dimensional one-pixel attack exploit much higher success rate and confidence of launching the attack. The results give insights on designing new activation functions to enhance the security of DCNN.

Original languageEnglish
Title of host publicationProceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages223-227
Number of pages5
ISBN (Electronic)9781538691847
DOIs
Publication statusPublished - Dec 26 2018
Event6th International Symposium on Computing and Networking Workshops, CANDARW 2018 - Takayama, Japan
Duration: Nov 27 2018Nov 30 2018

Publication series

NameProceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018

Conference

Conference6th International Symposium on Computing and Networking Workshops, CANDARW 2018
CountryJapan
CityTakayama
Period11/27/1811/30/18

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Statistics, Probability and Uncertainty
  • Computer Science Applications

Fingerprint Dive into the research topics of 'Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation'. Together they form a unique fingerprint.

  • Cite this

    Su, J., Vargas, D. V., & Sakurai, K. (2018). Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation. In Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018 (pp. 223-227). [8590903] (Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CANDARW.2018.00049