Adversarial Machine Learning in Julia

Slides:



Advertisements
Similar presentations
Memristor in Learning Neural Networks
Advertisements

Perceptron Learning Rule
Face Recognition and Biometric Systems Eigenfaces (2)
Linear Classifiers (perceptrons)
Salvatore giorgi Ece 8110 machine learning 5/12/2014
CSCI 347 / CS 4206: Data Mining Module 07: Implementations Topic 03: Linear Models.
Face Alignment with Part-Based Modeling
Face Recognition & Biometric Systems Support Vector Machines (part 2)
Thesis title: “Studies in Pattern Classification – Biological Modeling, Uncertainty Reasoning, and Statistical Learning” 3 parts: (1)Handwritten Digit.
EE462 MLCV Lecture 5-6 Object Detection – Boosting Tae-Kyun Kim.
CSC321: Neural Networks Lecture 3: Perceptrons
Lecture 14 – Neural Networks
CS292 Computational Vision and Language Pattern Recognition and Classification.
Learning from Observations Chapter 18 Section 1 – 4.
By Fernando Seoane, April 25 th, 2006 Demo for Non-Parametric Classification Euclidean Metric Classifier with Data Clustering.
Supervised Distance Metric Learning Presented at CMU’s Computer Vision Misc-Read Reading Group May 9, 2007 by Tomasz Malisiewicz.
Cliff Rhyne and Jerry Fu June 5, 2007 Parallel Image Segmenter CSE 262 Spring 2007 Project Final Presentation.
Pattern Classification All materials in these slides were taken from Pattern Classification (2nd ed) by R. O. Duda, P. E. Hart and D. G. Stork, John Wiley.
Face Processing System Presented by: Harvest Jang Group meeting Fall 2002.
Face Detection and Neural Networks Todd Wittman Math 8600: Image Analysis Prof. Jackie Shen December 2001.
Vision-Based Biometric Authentication System by Padraic o hIarnain Final Year Project Presentation.
Face Detection using the Viola-Jones Method
Face Alignment Using Cascaded Boosted Regression Active Shape Models
ADVANCED CLASSIFICATION TECHNIQUES David Kauchak CS 159 – Fall 2014.
Artificial Neural Network Theory and Application Ashish Venugopal Sriram Gollapalli Ulas Bardak.
Texture analysis Team 5 Alexandra Bulgaru Justyna Jastrzebska Ulrich Leischner Vjekoslav Levacic Güray Tonguç.
Apache Mahout. Mahout Introduction Machine Learning Clustering K-means Canopy Clustering Fuzzy K-Means Conclusion.
An Introduction to Support Vector Machine (SVM) Presenter : Ahey Date : 2007/07/20 The slides are based on lecture notes of Prof. 林智仁 and Daniel Yeung.
Pattern Recognition April 19, 2007 Suggested Reading: Horn Chapter 14.
Visual Information Systems Recognition and Classification.
Digital Image Processing
The Implementation of Markerless Image-based 3D Features Tracking System Lu Zhang Feb. 15, 2005.
Object detection, deep learning, and R-CNNs
Gang WangDerek HoiemDavid Forsyth. INTRODUCTION APROACH (implement detail) EXPERIMENTS CONCLUSION.
Lecture 6: Classification – Boosting and SVMs CAP 5415 Fall 2006.
An Introduction to Support Vector Machine (SVM)
Back-Propagation Algorithm AN INTRODUCTION TO LEARNING INTERNAL REPRESENTATIONS BY ERROR PROPAGATION Presented by: Kunal Parmar UHID:
Learning to Detect Faces A Large-Scale Application of Machine Learning (This material is not in the text: for further information see the paper by P.
Delivering Business Value through IT Face feature detection using Java and OpenCV 1.
A Statistical Approach to Texture Classification Nicholas Chan Heather Dunlop Project Dec. 14, 2005.
K nearest neighbors algorithm Parallelization on Cuda PROF. VELJKO MILUTINOVIĆ MAŠA KNEŽEVIĆ 3037/2015.
Carl Vondrick, Aditya Khosla, Tomasz Malisiewicz, Antonio Torralba Massachusetts Institute of Technology
6.S093 Visual Recognition through Machine Learning Competition Image by kirkh.deviantart.com Joseph Lim and Aditya Khosla Acknowledgment: Many slides from.
Learning Kernel Classifiers 1. Introduction Summarized by In-Hee Lee.
May 2003 SUT Color image segmentation – an innovative approach Amin Fazel May 2003 Sharif University of Technology Course Presentation base on a paper.
Machine Learning Artificial Neural Networks MPλ ∀ Stergiou Theodoros 1.
Another Example: Circle Detection
Large Margin classifiers
MIRA, SVM, k-NN Lirong Xia. MIRA, SVM, k-NN Lirong Xia.
Machine Learning I & II.
R-CNN region By Ilia Iofedov 11/11/2018 BGU, DNN course 2016.
Dynamic Routing Using Inter Capsule Routing Protocol Between Capsules
Fast and Robust Object Tracking with Adaptive Detection
Machine Learning & Data Science
Object Recognition & Detection
Cos 429: Face Detection (Part 2) Viola-Jones and AdaBoost Guest Instructor: Andras Ferencz (Your Regular Instructor: Fei-Fei Li) Thanks to Fei-Fei.
Bolun Wang*, Yuanshun Yao, Bimal Viswanath§ Haitao Zheng, Ben Y. Zhao
Instance Based Learning
CS 188: Artificial Intelligence Fall 2008
Image recognition: Defense adversarial attacks
Deep Learning and Mixed Integer Optimization
Chapter 11 Practical Methodology
Artifacts of Adversarial Examples
Image Compression Using An Adaptation of the ART Algorithm
MCMC Inference over Latent Diffeomorphisms
Autoencoders hi shea autoencoders Sys-AI.
Course Recap and What’s Next?
Adversarial Machine Learning in Image Recognition
MIRA, SVM, k-NN Lirong Xia. MIRA, SVM, k-NN Lirong Xia.
Developments in Adversarial Machine Learning
Presentation transcript:

Adversarial Machine Learning in Julia Paul Gibby 12/10/2018

Adversarial Machine Learning Adversarial machine learning is when you take input and perturb it imperceptibly to make a machine learning algorithm respond “incorrectly” Most attacks currently target image classifiers The existence of these adversarial examples means that we can’t fully trust the output of machine learning if an adversary can control the input. This is most dangerous in the case of malware classification

Why Julia? Julia is well suited for machine learning and optimization problems, and does them very fast. Easily extendable Many helpful libraries like Knet Easy parallelization Currently doesn’t seem to exist yet in Julia (closest is a couple of implementations of GAN)

Adversarial Algorithms L-BFGS Optimization of a cost function with box constraints Fast Gradient Sign Method (FGSM) A single step of gradient descent. Weakest method, but very fast Iterative Gradient Sign Method (IGSM) Multiple steps of gradient descent JSMA For each step, finds a pair of pixels that if changed will have the greatest effect of moving the image to the target Carlini-Wagner A sophisticated attack that bypasses an early attempt at defense. Similar to L-BFGS, but optimized over a tanh space and a different cost function

Distance Metrics We assess whether a change to an image is imperceptible by measuring its distance from the original L2 distance – Standard Euclidean distance between flattened images Simple and fast DSSIM – a measurement of visual distortion between two images More complicated, but better reflects human vision

To the Demo!

Comparison with CleverHans Attack CleverHans (Python) Julia FGSM 0.14 .05 JSMA 20,000 75

Practical Application – Malware Detection Took data of traits (API calls, etc) of malware and trained a classifier on it. With a simple algorithm, each malware could have a single feature added to it that causes a misclassification

Thank You!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.