Towards Proving the Adversarial Robustness of Deep Neural Networks

Towards Proving the Adversarial Robustness of Deep Neural Networks

Autonomous vehicles are highly complex systems, required to function reliably in a wide variety of situations. Manually crafting software controllers for these vehicles is difficult, but there has been some success in using deep neural networks generated using machine-learning. However, deep neural...

Full description

Bibliographic Details
Main Authors: Guy Katz, Clark Barrett, David L. Dill, Kyle Julian, Mykel J. Kochenderfer
Format: Article
Language:English
Published: Open Publishing Association 2017-09-01
Series:Electronic Proceedings in Theoretical Computer Science
Online Access:http://arxiv.org/pdf/1709.02802v1
id doaj-a514f56939b549819950c8f58fa3d54d
record_format Article
spelling doaj-a514f56939b549819950c8f58fa3d54d2020-11-25T01:13:35ZengOpen Publishing AssociationElectronic Proceedings in Theoretical Computer Science2075-21802017-09-01257Proc. FVAV 2017192610.4204/EPTCS.257.3:4Towards Proving the Adversarial Robustness of Deep Neural NetworksGuy Katz0Clark Barrett1David L. Dill2Kyle Julian3Mykel J. Kochenderfer4 Stanford University Stanford University Stanford University Stanford University Stanford University Autonomous vehicles are highly complex systems, required to function reliably in a wide variety of situations. Manually crafting software controllers for these vehicles is difficult, but there has been some success in using deep neural networks generated using machine-learning. However, deep neural networks are opaque to human engineers, rendering their correctness very difficult to prove manually; and existing automated techniques, which were not designed to operate on neural networks, fail to scale to large systems. This paper focuses on proving the adversarial robustness of deep neural networks, i.e. proving that small perturbations to a correctly-classified input to the network cannot cause it to be misclassified. We describe some of our recent and ongoing work on verifying the adversarial robustness of networks, and discuss some of the open questions we have encountered and how they might be addressed.http://arxiv.org/pdf/1709.02802v1
collection DOAJ
language English
format Article
sources DOAJ
author Guy Katz
Clark Barrett
David L. Dill
Kyle Julian
Mykel J. Kochenderfer
spellingShingle Guy Katz
Clark Barrett
David L. Dill
Kyle Julian
Mykel J. Kochenderfer
Towards Proving the Adversarial Robustness of Deep Neural Networks
Electronic Proceedings in Theoretical Computer Science
author_facet Guy Katz
Clark Barrett
David L. Dill
Kyle Julian
Mykel J. Kochenderfer
author_sort Guy Katz
title Towards Proving the Adversarial Robustness of Deep Neural Networks
title_short Towards Proving the Adversarial Robustness of Deep Neural Networks
title_full Towards Proving the Adversarial Robustness of Deep Neural Networks
title_fullStr Towards Proving the Adversarial Robustness of Deep Neural Networks
title_full_unstemmed Towards Proving the Adversarial Robustness of Deep Neural Networks
title_sort towards proving the adversarial robustness of deep neural networks
publisher Open Publishing Association
series Electronic Proceedings in Theoretical Computer Science
issn 2075-2180
publishDate 2017-09-01
description Autonomous vehicles are highly complex systems, required to function reliably in a wide variety of situations. Manually crafting software controllers for these vehicles is difficult, but there has been some success in using deep neural networks generated using machine-learning. However, deep neural networks are opaque to human engineers, rendering their correctness very difficult to prove manually; and existing automated techniques, which were not designed to operate on neural networks, fail to scale to large systems. This paper focuses on proving the adversarial robustness of deep neural networks, i.e. proving that small perturbations to a correctly-classified input to the network cannot cause it to be misclassified. We describe some of our recent and ongoing work on verifying the adversarial robustness of networks, and discuss some of the open questions we have encountered and how they might be addressed.
url http://arxiv.org/pdf/1709.02802v1
work_keys_str_mv AT guykatz towardsprovingtheadversarialrobustnessofdeepneuralnetworks
AT clarkbarrett towardsprovingtheadversarialrobustnessofdeepneuralnetworks
AT davidldill towardsprovingtheadversarialrobustnessofdeepneuralnetworks
AT kylejulian towardsprovingtheadversarialrobustnessofdeepneuralnetworks
AT mykeljkochenderfer towardsprovingtheadversarialrobustnessofdeepneuralnetworks
_version_ 1725161357211336704

Similar Items