Towards evolving robust neural architectures to defend from adversarial attacks

Shashank Kotyan; Danilo Vasconcellos Vargas

doi:10.1145/3377929.3389962

Towards evolving robust neural architectures to defend from adversarial attacks

Shashank Kotyan, Danilo Vasconcellos Vargas

Mathematical Informatics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Neural networks are known to misclassify a class of subtly modified images known as adversarial samples. Recently, numerous defences have been proposed against these adversarial samples; however, none have improved the robustness of neural networks consistently. Here, we propose to use adversarial samples as a function evaluation to explore for robust neural architectures that can resist such attacks. Experiments on existing neural architecture search algorithms from the literature reveal that although accurate, they are not able to find robust architectures. An essential cause for this lies in their confined search space. We were able to evolve an architecture that is intrinsically accurate on adversarial samples by creating a novel neural architecture search. Thus, the results here demonstrate that more robust architectures exist as well as opens up a new range of possibilities for the development and exploration of neural networks using neural architecture search.

Original language	English
Title of host publication	GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion
Publisher	Association for Computing Machinery, Inc
Pages	135-136
Number of pages	2
ISBN (Electronic)	9781450371278
DOIs	https://doi.org/10.1145/3377929.3389962
Publication status	Published - Jul 8 2020
Event	2020 Genetic and Evolutionary Computation Conference, GECCO 2020 - Cancun, Mexico Duration: Jul 8 2020 → Jul 12 2020

Publication series

Name	GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion

Conference

Conference	2020 Genetic and Evolutionary Computation Conference, GECCO 2020
Country	Mexico
City	Cancun
Period	7/8/20 → 7/12/20

All Science Journal Classification (ASJC) codes

Computational Mathematics

Access to Document

10.1145/3377929.3389962

Fingerprint Dive into the research topics of 'Towards evolving robust neural architectures to defend from adversarial attacks'. Together they form a unique fingerprint.

Cite this

Kotyan, S., & Vargas, D. V. (2020). Towards evolving robust neural architectures to defend from adversarial attacks. In GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion (pp. 135-136). (GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion). Association for Computing Machinery, Inc. https://doi.org/10.1145/3377929.3389962

Towards evolving robust neural architectures to defend from adversarial attacks. / Kotyan, Shashank; Vargas, Danilo Vasconcellos.

GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion. Association for Computing Machinery, Inc, 2020. p. 135-136 (GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kotyan, S & Vargas, DV 2020, Towards evolving robust neural architectures to defend from adversarial attacks. in GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion. GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion, Association for Computing Machinery, Inc, pp. 135-136, 2020 Genetic and Evolutionary Computation Conference, GECCO 2020, Cancun, Mexico, 7/8/20. https://doi.org/10.1145/3377929.3389962

Kotyan S, Vargas DV. Towards evolving robust neural architectures to defend from adversarial attacks. In GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion. Association for Computing Machinery, Inc. 2020. p. 135-136. (GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion). https://doi.org/10.1145/3377929.3389962

Kotyan, Shashank ; Vargas, Danilo Vasconcellos. / Towards evolving robust neural architectures to defend from adversarial attacks. GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion. Association for Computing Machinery, Inc, 2020. pp. 135-136 (GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion).

@inproceedings{744f69c4ff9140e7add7153fcbddcfa7,

title = "Towards evolving robust neural architectures to defend from adversarial attacks",

abstract = "Neural networks are known to misclassify a class of subtly modified images known as adversarial samples. Recently, numerous defences have been proposed against these adversarial samples; however, none have improved the robustness of neural networks consistently. Here, we propose to use adversarial samples as a function evaluation to explore for robust neural architectures that can resist such attacks. Experiments on existing neural architecture search algorithms from the literature reveal that although accurate, they are not able to find robust architectures. An essential cause for this lies in their confined search space. We were able to evolve an architecture that is intrinsically accurate on adversarial samples by creating a novel neural architecture search. Thus, the results here demonstrate that more robust architectures exist as well as opens up a new range of possibilities for the development and exploration of neural networks using neural architecture search.",

author = "Shashank Kotyan and Vargas, {Danilo Vasconcellos}",

year = "2020",

month = jul,

day = "8",

doi = "10.1145/3377929.3389962",

language = "English",

series = "GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion",

publisher = "Association for Computing Machinery, Inc",

pages = "135--136",

booktitle = "GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion",

note = "2020 Genetic and Evolutionary Computation Conference, GECCO 2020 ; Conference date: 08-07-2020 Through 12-07-2020",

}

TY - GEN

T1 - Towards evolving robust neural architectures to defend from adversarial attacks

AU - Kotyan, Shashank

AU - Vargas, Danilo Vasconcellos

PY - 2020/7/8

Y1 - 2020/7/8

N2 - Neural networks are known to misclassify a class of subtly modified images known as adversarial samples. Recently, numerous defences have been proposed against these adversarial samples; however, none have improved the robustness of neural networks consistently. Here, we propose to use adversarial samples as a function evaluation to explore for robust neural architectures that can resist such attacks. Experiments on existing neural architecture search algorithms from the literature reveal that although accurate, they are not able to find robust architectures. An essential cause for this lies in their confined search space. We were able to evolve an architecture that is intrinsically accurate on adversarial samples by creating a novel neural architecture search. Thus, the results here demonstrate that more robust architectures exist as well as opens up a new range of possibilities for the development and exploration of neural networks using neural architecture search.

AB - Neural networks are known to misclassify a class of subtly modified images known as adversarial samples. Recently, numerous defences have been proposed against these adversarial samples; however, none have improved the robustness of neural networks consistently. Here, we propose to use adversarial samples as a function evaluation to explore for robust neural architectures that can resist such attacks. Experiments on existing neural architecture search algorithms from the literature reveal that although accurate, they are not able to find robust architectures. An essential cause for this lies in their confined search space. We were able to evolve an architecture that is intrinsically accurate on adversarial samples by creating a novel neural architecture search. Thus, the results here demonstrate that more robust architectures exist as well as opens up a new range of possibilities for the development and exploration of neural networks using neural architecture search.

UR - http://www.scopus.com/inward/record.url?scp=85089728014&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85089728014&partnerID=8YFLogxK

U2 - 10.1145/3377929.3389962

DO - 10.1145/3377929.3389962

M3 - Conference contribution

AN - SCOPUS:85089728014

T3 - GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion

SP - 135

EP - 136

BT - GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion

PB - Association for Computing Machinery, Inc

T2 - 2020 Genetic and Evolutionary Computation Conference, GECCO 2020

Y2 - 8 July 2020 through 12 July 2020

ER -