EURO-Online login
- New to EURO? Create an account
- I forgot my username and/or my password.
- Help with cookies
(important for IE8 users)
3574. Optimization-based algorithm for robustness enhancement of neural networks
Invited abstract in session TA-4: Topics in Mixed Integer Programming and Nonconvex Optimization, stream MINLP.
Tuesday, 8:30-10:00Room: 1001 (building: 202)
Authors (first author is the speaker)
| 1. | Shudian Zhao
|
| Department of Mathematics, KTH Royal Institute of Technology | |
| 2. | Jan Kronqvist
|
| Mathematics, KTH Royal Institute of Technology |
Abstract
This talks introduce an optimisation-based method for generating robust neural networks against adversarial attacks for image classifications. Instead of using large training data and heaving computing expense in classic training process, the proposed method only requires a small size of adversarial dataset in each outer iteration to improve the robustness a model trained with default settings. This algorithm includes two levels of updating. In the inner iteration, we add cuts to improve the linear approximation for the nonlinear constraints regarding the adversary behaviour and level of loss function. Then, to balance the performance of the model on both clean dataset and the adversarial dataset, we select the Pareto set by line search and update the model with a weighted objective function. In the outer iteration, we generate new adversarial data and repeat the same process until stopping criteria are satisfied. This talk concludes with numerical restyle with CNN and ResNet models.
Keywords
- Machine Learning
- Programming, Nonlinear
- Programming, Multi-Objective
Status: accepted
Back to the list of papers