Thwarting Adversarial Examples: An $L_0$-Robust Sparse Fourier Transform

Mitali Bafna; Jack Murtagh; Nikhil Vyas

2018 NIPS NeurIPS 2018

Thwarting Adversarial Examples: An $L_0$-Robust Sparse Fourier Transform

Abstract

We give a new algorithm for approximating the Discrete Fourier transform of an approximately sparse signal that is robust to worst-case $L_0$ corruptions, namely that some coordinates of the signal can be corrupt arbitrarily. Our techniques generalize to a wide range of linear transformations that are used in data analysis such as the Discrete Cosine and Sine transforms, the Hadamard transform, and their high-dimensional analogs. We use our algorithm to successfully defend against worst-case $L_0$ adversaries in the setting of image classification. We give experimental results on the Jacobian-based Saliency Map Attack (JSMA) and the CW $L_0$ attack on the MNIST and Fashion-MNIST datasets as well as the Adversarial Patch on the ImageNet dataset.

🌉 Interdisciplinary Bridge — Deep Learning and Machine Learning and Mathematics & Optimization

🧭 Keyword Pioneer — sparse fourier transform

🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Robotics, Security & Privacy, Speech & Audio

Authors

Mitali Bafna , Jack Murtagh , Nikhil Vyas

Topics

Machine Learning > Core Methods > Classification Machine Learning > Learning Types > Adversarial Learning Machine Learning > Optimization & Theory > Theory Deep Learning > Learning Types > Adversarial Learning Machine Learning > Learning Types > Robustness Mathematics & Optimization > Optimization > Compressed Sensing

Keywords

image classification compressed sensing adversarial attack adversarial example sparse fourier transform worst-case corruption l0 robustness

Download PDF

Related papers

Maximum Causal Tsallis Entropy Imitation Learning 2018

Recurrent World Models Facilitate Policy Evolution 2018

Bandit Learning in Concave N-Person Games 2018

Algorithmic Assurance: An Active Approach to Algorithmic Testing using Bayesian Optimisation 2018

PAC-Bayes bounds for stable algorithms with instance-dependent priors 2018