DESCRIPTION
In the past ten years, it has been shown that trained Deep Neural Networks (DNNs) typically suffer from an inherent vulnerability to maliciously crafted inputs, called Adversarial Examples (AEs). These are usually created by taking inputs from the dataset and adding a small but very specific noise, which causes large errors in the DNN output. Despite intense research in this area, the problem has not yet been satisfactorily solved. Numerous defense mechanisms against AEs, as well as methods for detecting such modified inputs, have been suggested, yet none of them provides complete robustness against adversarial attacks. As a result, the focus of research has slowly shifted towards analysing the AEs and searching for the exact reason why and how they cause DNNs to fail. In the tutorial, we introduce the main concepts, provide examples of the best-known adversarial attacks and defenses, provide insights into the geometry of AEs, and conclude with open challenges in this field.
DETAILS
Course type: Tutorial
Duration: 3 hours / 2-3 lectures (flexibility possible)
Institution of lecturer: Department of Applied Informatics, Comenius University Bratislava
Notes: Handouts will be given to participants.
LECTURER
Prof. Igor Farkaš
Prof. Igor Farkaš has been affiliated with the Department of Applied Informatics since 2003 (in the years 2015-2022 serving as the department chair, now deputy). His long-term general research interests are in the overlapping areas of artificial intelligence and cognitive science. More concretely, he has specialized in artificial neural networks by researching the computational properties of various models and their use in solving various tasks (e.g. language acquisition, vision, cognitive robotics). He has also participated in experimental research on human cognition. He has led several national scientific projects and is currently the coordinator of the Horizon Europe twinning project. He coordinates the Center for Cognitive Science at the faculty and guarantees the international interdisciplinary master’s study program in cognitive science. More information is available on his website: http://cogsci.fmph.uniba.sk/~farkas.