Breaking Deep Learning Systems With Adversarial Examples | Two Minute Papers #43
Key Takeaways
The video discusses adversarial examples in deep learning systems, demonstrating how carefully crafted input images can fool neural networks into misclassifying them, using techniques such as adding noise patterns to original images.
Full Transcript
dear fellow Scholars this is 2minute papers with Caro artificial neural networks are computer programs that try to approximate what the human brain does to solve problems like recognizing objects in images in this piece of work the authors analyze the properties of these neural networks and try to unveil what exactly makes them think that the paper towel is a paper towel and building on this knowledge try to fool these programs let's have a look at this example one can grab this input image and this noise pattern and add these two images together similarly as one would add two numbers together the operation yields the image you see here I think it's fair to say that the difference is barely perceptible for the human eye not so much for neural networks because the input image we started with is classified correctly as a bus and the image that you see on the right is classified as an ostrich in simple terms Bus Plus noise equals an ostrich these two images look almost exactly the same but the neural networks see them quite differently we call these examples adversarial examples because they are designed to fool these image recognition programs in machine learning research there are common data sets to test different classification techniques on one of the best known example is the amist handwriting data set it is basically a bunch of images depicting handwritten numbers that machine learning algorithms have to recognize long ago this used to be a difficult problem but nowadays any half decent algorithm can guess the numbers correctly more than 99% of the time after learning for just a few seconds now we'll see that these adversarial examples are not created by chance if we add a lot of random noise to these images they get quite difficult to recognize let's engage in modesty and say that I myself as a human can recognize approximately half of them but only if I look closely and maybe even squint a neural network can guess this correctly approximately 50% of the time as well which is a quite respectable result therefore adding random noise is not really fooling the neural networks however if you look at these adversarial examples in the even columns you see how carefully they are crafted as they look very similar to the original images but the classification accuracy of the neural network on these examples is 0% sent you heard it correctly it gets it wrong basically all the time the take-home message is that carefully crafted adversarial examples can be used to fool deep neural networks reliably you can watch them flounder on many hilarious examples to your enjoyment my dear sir the queen wears a shower cap you say I beg your pardon if you would like to support 2-minute papers we are available on patreon and offer really cool perks for our fellow Scholars for instance you can watch each episode around 24 hours in advance or even decide the topic of the next episodes how cool is that if you're interested just click on the box below on the screen thanks for watching and for your generous support and I'll see you next time
Original Description
Artificial neural networks are computer programs that try to approximate what the human brain does to solve problems like recognizing objects in images. In this piece of work, the authors analyze the properties of these neural networks and try to unveil what exactly makes them think that a paper towel is a paper towel, and, building on this knowledge, try to fool these programs. Carefully crafted adversarial examples can be used to fool deep neural network reliably.
_______________
The paper "Intriguing properties of neural networks" is available here:
http://arxiv.org/abs/1312.6199
The paper "Explaining and Harnessing Adversarial Examples" is available here:
http://arxiv.org/abs/1412.6572
Image credits:
Thumbnail image - https://www.flickr.com/photos/healthblog/8384110298 (CC BY-SA 2.0)
Shower cap - Code Words / Julia Evans - https://codewords.recurse.com/issues/five/why-do-neural-networks-think-a-panda-is-a-vulture
MNIST - hxhl95
Andrej Karpathy's online convolutional neural network:
http://cs.stanford.edu/people/karpathy/convnetjs/demo/cifar10.html
Subscribe if you would like to see more of these! - http://www.youtube.com/subscription_center?add_user=keeroyz
Splash screen/thumbnail design: Felícia Fehér - http://felicia.hu
Károly Zsolnai-Fehér's links:
Patreon → https://www.patreon.com/TwoMinutePapers
Facebook → https://www.facebook.com/TwoMinutePapers/
Twitter → https://twitter.com/karoly_zsolnai
Web → https://cg.tuwien.ac.at/~zsolnai/
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from Two Minute Papers · Two Minute Papers · 49 of 60
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
▶
50
51
52
53
54
55
56
57
58
59
60
Fluid Simulations with Blender and Wavelet Turbulence | Two Minute Papers #1
Two Minute Papers
Capturing Waves of Light With Femto-photography | Two Minute Papers #2
Two Minute Papers
Artificial Neural Networks and Deep Learning | Two Minute Papers #3
Two Minute Papers
Blender Rendering - Top 7 LuxRender Features
Two Minute Papers
Simulating Breaking Glass | Two Minute Papers #4
Two Minute Papers
Time Lapse Videos From Community Photos | Two Minute Papers #5
Two Minute Papers
AI Learns Van Gogh's Art
Two Minute Papers
Hydrographic Printing | Two Minute Papers #7
Two Minute Papers
Announcing LuxRender 1.5
Two Minute Papers
Digital Creatures Learn To Walk | Two Minute Papers #8
Two Minute Papers
Manipulating Photorealistic Renderings | Two Minute Papers #9
Two Minute Papers
Adaptive Fluid Simulations | Two Minute Papers #10
Two Minute Papers
Building Bridges With Flying Machines | Two Minute Papers #11
Two Minute Papers
Reconstructing Sound From Vibrations | Two Minute Papers #12
Two Minute Papers
Creating Photographs Using Deep Learning | Two Minute Papers #13
Two Minute Papers
Adaptive Cloth Simulations | Two Minute Papers #14
Two Minute Papers
Synthesizing Sound From Collisions | Two Minute Papers #15
Two Minute Papers
Metropolis Light Transport | Two Minute Papers #16
Two Minute Papers
3D Printing a Glockenspiel | Two Minute Papers #17
Two Minute Papers
Modeling Colliding and Merging Fluids | Two Minute Papers #18
Two Minute Papers
Recurrent Neural Network Writes Music and Shakespeare Novels | Two Minute Papers #19
Two Minute Papers
Gradients, Poisson's Equation and Light Transport | Two Minute Papers #20
Two Minute Papers
Real-Time Facial Expression Transfer | Two Minute Papers #21
Two Minute Papers
Automatic Lecture Notes From Videos | Two Minute Papers #22
Two Minute Papers
Be a Part of Two Minute Papers on Patreon!
Two Minute Papers
Recurrent Neural Network Writes Sentences About Images | Two Minute Papers #23
Two Minute Papers
How Does Deep Learning Work? | Two Minute Papers #24
Two Minute Papers
Cryptography, Perfect Secrecy and One Time Pads | Two Minute Papers #25
Two Minute Papers
Terrain Traversal with Reinforcement Learning | Two Minute Papers #26
Two Minute Papers
Multiple-Scattering Microfacet BSDFs with the Smith Model
Two Minute Papers
Google DeepMind's Deep Q-Learning & Superhuman Atari Gameplays | Two Minute Papers #27
Two Minute Papers
Are We Living In a Computer Simulation? | Two Minute Papers #28
Two Minute Papers
Artificial Superintelligence [Audio only] | Two Minute Papers #29
Two Minute Papers
Automatic Parameter Control for Metropolis Light Transport | Two Minute Papers #30
Two Minute Papers
Randomness and Bell's Inequality [Audio only] | Two Minute Papers #31
Two Minute Papers
OpenAI - Non-profit AI company by Elon Musk and Sam Altman
Two Minute Papers
How Do Genetic Algorithms Work? | Two Minute Papers #32
Two Minute Papers
Painting with Fluid Simulations | Two Minute Papers #33
Two Minute Papers
Peer Review #1 [Audio only] | Two Minute Papers
Two Minute Papers
Neural Programmer-Interpreters Learn To Write Programs | Two Minute Papers #34
Two Minute Papers
9 Cool Deep Learning Applications | Two Minute Papers #35
Two Minute Papers
Designing Cities and Furnitures With Machine Learning | Two Minute Papers #36
Two Minute Papers
Designing 3D Printable Robotic Creatures | Two Minute Papers #37
Two Minute Papers
3D Printing Objects With Caustics | Two Minute Papers #38
Two Minute Papers
Interactive Editing of Subsurface Scattering | Two Minute Papers #39
Two Minute Papers
Simulating Viscosity and Melting Fluids | Two Minute Papers #40
Two Minute Papers
What Do Virtual Objects Sound Like? | Two Minute Papers #41
Two Minute Papers
How DeepMind Conquered Go With Deep Learning (AlphaGo) | Two Minute Papers #42
Two Minute Papers
Breaking Deep Learning Systems With Adversarial Examples | Two Minute Papers #43
Two Minute Papers
Extrapolations and Crowdfunded Research (Experiment) | Two Minute Papers #44
Two Minute Papers
Biophysical Skin Aging Simulations | Two Minute Papers #45
Two Minute Papers
What is Impostor Syndrome? | Two Minute Papers #46
Two Minute Papers
Should You Take the Stairs at Work? (For Weight Loss) | Two Minute Papers #47
Two Minute Papers
Artistic Manipulation of Caustics | Two Minute Papers #48
Two Minute Papers
Deep Learning Program Learns to Paint | Two Minute Papers #49
Two Minute Papers
Interactive Photo Recoloring | Two Minute Papers #50
Two Minute Papers
How To Get Started With Machine Learning? | Two Minute Papers #51
Two Minute Papers
Awesome Research For Everyone! - Two Minute Papers Channel Trailer
Two Minute Papers
10 More Cool Deep Learning Applications | Two Minute Papers #52
Two Minute Papers
How DeepMind's AlphaGo Defeated Lee Sedol | Two Minute Papers #53
Two Minute Papers
More on: CV Basics
View skill →Related Reads
📰
📰
📰
📰
Want to get started with deep learning
Reddit r/deeplearning
Building a Deepfake Detector From Scratch — What Nobody Tells You
Medium · Deep Learning
Unfolding the Meandering Path: High-Dimensional Invariance and the Flat 2D Plane of Neural…
Medium · Deep Learning
Implementing Neural Style Transfer from Scratch: The Project That Started It All
Medium · Deep Learning
🎓
Tutor Explanation
DeepCamp AI