%0 Conference Proceedings
%4 sid.inpe.br/sibgrapi/2017/09.11.16.27
%2 sid.inpe.br/sibgrapi/2017/09.11.16.27.29
%T Exploring Adversarial Images in Deep Neural Networks
%D 2017
%A Tabacof, Pedro,
%A Valle, Eduardo,
%@affiliation University of Campinas
%@affiliation University of Campinas
%E Torchelsen, Rafael Piccin,
%E Nascimento, Erickson Rangel do,
%E Panozzo, Daniele,
%E Liu, Zicheng,
%E Farias, Mylène,
%E Viera, Thales,
%E Sacht, Leonardo,
%E Ferreira, Nivan,
%E Comba, João Luiz Dihl,
%E Hirata, Nina,
%E Schiavon Porto, Marcelo,
%E Vital, Creto,
%E Pagot, Christian Azambuja,
%E Petronetto, Fabiano,
%E Clua, Esteban,
%E Cardeal, Flávio,
%B Conference on Graphics, Patterns and Images, 30 (SIBGRAPI)
%C Niterói, RJ, Brazil
%8 17-20 Oct. 2017
%I Sociedade Brasileira de Computação
%J Porto Alegre
%S Proceedings
%K deep learning, neural networks, adversarial images.
%X Adversarial examples have raised questions regarding the robustness and security of deep neural networks. In this work we formalize the problem of adversarial images given a pre-trained classifier, showing that even in the linear case the resulting optimization problem is nonconvex. We generate adversarial images using deep classifiers on the ImageNet dataset. We probe the pixel space of adversarial images using noise of varying intensity and distribution. We bring novel visualizations that showcase the phenomenon and its high variability. We show that adversarial images appear in large regions in the pixel space, and that it is hard to leave those regions by adding noise to the images, even with high intensity.
%@language en
%3 sibgrapi (1).pdf