TY - GEN
T1 - Towards evolving robust neural architectures to defend from adversarial attacks
AU - Kotyan, Shashank
AU - Vargas, Danilo Vasconcellos
N1 - Funding Information:
This work was supported by JST, ACT-I Grant Numbers JP-50166 and JP-50243, Japan.
Publisher Copyright:
© 2020 Owner/Author.
PY - 2020/7/8
Y1 - 2020/7/8
N2 - Neural networks are known to misclassify a class of subtly modified images known as adversarial samples. Recently, numerous defences have been proposed against these adversarial samples; however, none have improved the robustness of neural networks consistently. Here, we propose to use adversarial samples as a function evaluation to explore for robust neural architectures that can resist such attacks. Experiments on existing neural architecture search algorithms from the literature reveal that although accurate, they are not able to find robust architectures. An essential cause for this lies in their confined search space. We were able to evolve an architecture that is intrinsically accurate on adversarial samples by creating a novel neural architecture search. Thus, the results here demonstrate that more robust architectures exist as well as opens up a new range of possibilities for the development and exploration of neural networks using neural architecture search.
AB - Neural networks are known to misclassify a class of subtly modified images known as adversarial samples. Recently, numerous defences have been proposed against these adversarial samples; however, none have improved the robustness of neural networks consistently. Here, we propose to use adversarial samples as a function evaluation to explore for robust neural architectures that can resist such attacks. Experiments on existing neural architecture search algorithms from the literature reveal that although accurate, they are not able to find robust architectures. An essential cause for this lies in their confined search space. We were able to evolve an architecture that is intrinsically accurate on adversarial samples by creating a novel neural architecture search. Thus, the results here demonstrate that more robust architectures exist as well as opens up a new range of possibilities for the development and exploration of neural networks using neural architecture search.
UR - http://www.scopus.com/inward/record.url?scp=85089728014&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85089728014&partnerID=8YFLogxK
U2 - 10.1145/3377929.3389962
DO - 10.1145/3377929.3389962
M3 - Conference contribution
AN - SCOPUS:85089728014
T3 - GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion
SP - 135
EP - 136
BT - GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion
PB - Association for Computing Machinery, Inc
T2 - 2020 Genetic and Evolutionary Computation Conference, GECCO 2020
Y2 - 8 July 2020 through 12 July 2020
ER -