[论文阅读笔记]The Limitations of Deep

作者: wangxiaoguang | 来源:发表于2020-03-28 22:57 被阅读0次

[论文阅读笔记]The Limitations of Deep
DEEP GRAPH INFOMAX 阅读笔记
25组-Deep Residual Learning for I
[NLP论文笔记] Deep contextualized wo
深度学习经典论文Top100 系列之优化-Dropout(1)
The limitations of deep learning
The Limitations of Deep Learning
深度学习学习资料
Deep SORT论文阅读笔记
神经网络压缩实验-Deep-compression

论文题目：The Limitations of Deep Learning in Adversarial Settings
论文地址：https://arxiv.org/abs/1511.07528

JSMA

算法的主要步骤有以下三个：

计算前向导数 $J_F(X^*)$ ；

基于前向导数构造雅可比显著图 $S$ ；

利用 $\theta$ 修改输入特征 $i_{max}$ 。

Step 1. 计算前向导数 $J_F(X^*)$

$\mathbf{F}_{j}(\mathbf{X})=f_{n+1, j}\left(\mathbf{W}_{n+1, j} \cdot \mathbf{H}_{n}+b_{n+1, j}\right)$ Thus, we apply the chain rule again to obtain:
$\begin{aligned} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial x_{i}}=&\left(\mathbf{W}_{n+1, j} \cdot \frac{\partial \mathbf{H}_{n}}{\partial x_{i}}\right) \times \frac{\partial f_{n+1, j}}{\partial x_{i}}\left(\mathbf{W}_{n+1, j} \cdot \mathbf{H}_{n}+b_{n+1, j}\right) \end{aligned}$

Step 2. 构造雅可比显著图 $S$

增大输入特征 $S(\mathbf{X}, t)[i]=\left\{\begin{array}{l} 0 \text { if } \frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}_{i}}<0 \text { or } \sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}>0 \\ \left(\frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right)\left|\sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right| \text { otherwise } \end{array}\right.$
减小输入特征
$S(\mathbf{X}, t)[i]=\left\{\begin{array}{l} 0 \text { if } \frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}}>0 \text { or } \sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}<0 \\ \left|\frac{\partial \mathbf{F}_{t}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right|\left(\sum_{j \neq t} \frac{\partial \mathbf{F}_{j}(\mathbf{X})}{\partial \mathbf{X}_{i}}\right) \text { otherwise } \end{array}\right.$

Step 3. 利用 $\theta$ 修改输入特征 $i_{max}$

参考

知乎-[论文笔记] The Limitations of Deep Learning in Adversarial Settings
CSDN-ZQL[论文阅读笔记]The Limitations of Deep Learning in Adversarial Settings
关于The Limitations of Deep Learning in Adversarial Settings的理解

[论文阅读笔记]The Limitations of Deep
论文题目：The Limitations of Deep Learning in Adversarial Sett...
DEEP GRAPH INFOMAX 阅读笔记
DGI: Deep Graph Infomax 阅读笔记论文来源：2019 ICLR 论文链接：Deep Gra...
25组-Deep Residual Learning for I
“Deep Residual Learning for Image Recognition” 阅读笔记论文作者：...
[NLP论文笔记] Deep contextualized wo
Deep contextualized word representations(ELMo)阅读笔记本文是对论文...
深度学习经典论文Top100 系列之优化-Dropout(1)
深度学习经典论文Top100(Most Cited Deep Learning Papers) 阅读笔记. 论文集...
The limitations of deep learning
出处：https://blog.keras.io/the-limitations-of-deep-learning...
The Limitations of Deep Learning
Nicolas Papernot, Patrick McDaniel, Somesh Jha, Matt Fred...
深度学习学习资料
Deep Learning源代码收集-持续更新… Deep Learning论文笔记之（八）Deep Learni...
Deep SORT论文阅读笔记
本文主要讲解Deep SORT论文核心内容，包括状态估计、匹配方法、级联匹配、表观模型等核心内容。 1. 简介 S...
神经网络压缩实验-Deep-compression
首发于个人博客，结合论文阅读笔记更佳实验准备基础网络搭建为了实现神经网络的deep compression，...