Show simple item record

dc.contributor.author
Ruoss, Anian
dc.contributor.supervisor
Alaifari, Rima
dc.date.accessioned
2021-07-30T14:47:05Z
dc.date.available
2019-07-03T10:07:34Z
dc.date.available
2019-08-28T14:26:35Z
dc.date.available
2019-09-09T05:39:12Z
dc.date.available
2021-07-30T14:47:05Z
dc.date.issued
2019
dc.identifier.uri
http://hdl.handle.net/20.500.11850/351124
dc.identifier.doi
10.3929/ethz-b-000351124
dc.description.abstract
Although deep neural networks have proven to be successful across a large variety of machine learning tasks, recent work has demonstrated that they are at the same time vulnerable to so-called adversarial examples: inputs that are almost indistinguishable from natural data but misclassified by the network. In the case of image classifiers, such adversarial examples have traditionally been constructed by perturbing the original images, but more recently algorithms have been proposed that apply small deformations to the images in order to fool the networks. Simultaneously, defense methods have been proposed that promise to increase the robustness of neural networks against such adversarial attacks. In this work, we compare two state-of-the-art deformation attacks on MNIST and ImageNet data. Furthermore, we extend current defense methods to the setting of adversarial deformations and we demonstrate that these defenses can be combined with existing methods to train networks that are robust against both adversarial deformations and perturbations.
en_US
dc.format
application/pdf
en_US
dc.language.iso
en
en_US
dc.publisher
ETH Zurich
en_US
dc.rights.uri
http://rightsstatements.org/page/InC-NC/1.0/
dc.title
Evaluation of Adversarial Attack Methods on Neural Networks
en_US
dc.type
Bachelor Thesis
dc.rights.license
In Copyright - Non-Commercial Use Permitted
dc.date.published
2019-09-09
ethz.size
49 p.
en_US
ethz.publication.place
Zurich
en_US
ethz.publication.status
published
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02000 - Dep. Mathematik / Dep. of Mathematics::02501 - Seminar für Angewandte Mathematik / Seminar for Applied Mathematics::09603 - Alaifari, Rima / Alaifari, Rima
en_US
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02000 - Dep. Mathematik / Dep. of Mathematics::02501 - Seminar für Angewandte Mathematik / Seminar for Applied Mathematics::09603 - Alaifari, Rima / Alaifari, Rima
en_US
ethz.date.deposited
2019-07-03T10:07:42Z
ethz.source
FORM
ethz.eth
yes
en_US
ethz.availability
Open access
en_US
ethz.rosetta.installDate
2019-09-09T05:39:26Z
ethz.rosetta.lastUpdated
2022-03-29T10:51:05Z
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=Evaluation%20of%20Adversarial%20Attack%20Methods%20on%20Neural%20Networks&rft.date=2019&rft.au=Ruoss,%20Anian&rft.genre=unknown&rft.btitle=Evaluation%20of%20Adversarial%20Attack%20Methods%20on%20Neural%20Networks