Reducing classifier overconfidence against adversaries through graph algorithms

Cited by: 0
Authors
Leonardo Teixeira
Brian Jalaian
Bruno Ribeiro
Affiliations
[1] Purdue University, Department of Computer Science
[2] U.S. Army Research Laboratory
Source
Machine Learning | 2023 / Vol. 112
Keywords
Adversarial robustness; Overconfidence; Gossip algorithm;
DOI
Not available
Abstract
In this work we show that deep learning classifiers tend to become overconfident in their answers under adversarial attacks, even when the classifier is optimized to survive such attacks. Our work draws upon stochastic geometry and graph algorithms to propose a general framework to replace the last fully connected layer and softmax output. This framework (a) can be applied to any classifier and (b) significantly reduces the classifier’s overconfidence in its output without much of an impact on its accuracy when compared to original adversarially-trained classifiers. Its relative effectiveness increases as the attacker becomes more powerful. Our use of graph algorithms in adversarial learning is new and of independent interest. Finally, we show the advantages of this last-layer softmax replacement over image tasks under common adversarial attacks.
Pages: 2619-2651
Page count: 32
Related papers
50 in total
  • [1] Reducing classifier overconfidence against adversaries through graph algorithms
    Teixeira, Leonardo
    Jalaian, Brian
    Ribeiro, Bruno
    [J]. MACHINE LEARNING, 2023, 112 (07) : 2619 - 2651
  • [2] Classifier evaluation and attribute selection against active adversaries
    Murat Kantarcıoğlu
    Bowei Xi
    Chris Clifton
    [J]. Data Mining and Knowledge Discovery, 2011, 22 : 291 - 335
  • [3] Classifier evaluation and attribute selection against active adversaries
    Kantarcioglu, Murat
    Xi, Bowei
    Clifton, Chris
    [J]. DATA MINING AND KNOWLEDGE DISCOVERY, 2011, 22 (1-2) : 291 - 335
  • [4] Distributed CONGEST Algorithms against Mobile Adversaries
    Fischer, Orr
    Parter, Merav
    [J]. PROCEEDINGS OF THE 2023 ACM SYMPOSIUM ON PRINCIPLES OF DISTRIBUTED COMPUTING, PODC 2023, 2023, : 262 - 273
  • [5] Reducing Costs by Graph Algorithms
    Drabikova, Elena
    Skrabul'akova, Erika Feckova
    [J]. 2018 19TH INTERNATIONAL CARPATHIAN CONTROL CONFERENCE (ICCC), 2018, : 113 - 117
  • [6] Reducing Conversational Agents' Overconfidence Through Linguistic Calibration
    Mielke, Sabrina J. J.
    Szlam, Arthur
    Dinan, Emily
    Boureau, Y-Lan
    [J]. TRANSACTIONS OF THE ASSOCIATION FOR COMPUTATIONAL LINGUISTICS, 2022, 10 : 857 - 872
  • [7] Randomized distributed online algorithms against adaptive offline adversaries
    Boyar, Joan
    Ellen, Faith
    Larsen, Kim S.
    [J]. INFORMATION PROCESSING LETTERS, 2020, 161
  • [8] Online Learning with Graph-Structured Feedback against Adaptive Adversaries
    Feng, Zhili
    Loh, Po-Ling
    [J]. 2018 IEEE INTERNATIONAL SYMPOSIUM ON INFORMATION THEORY (ISIT), 2018, : 931 - 935
  • [9] Graph Sketching Against Adaptive Adversaries Applied to the Minimum Degree Algorithm
    Fahrbach, Matthew
    Miller, Gary L.
    Peng, Richard
    Sawlani, Saurabh
    Wang, Junxing
    Xu, Shen Chen
    [J]. 2018 IEEE 59TH ANNUAL SYMPOSIUM ON FOUNDATIONS OF COMPUTER SCIENCE (FOCS), 2018, : 101 - 112
  • [10] Distributed demand response algorithms against semi-honest adversaries
    Zhu, Minghui
    [J]. 2014 IEEE PES GENERAL MEETING - CONFERENCE & EXPOSITION, 2014,