In the past few years, evaluating on adversarial examples has become a standard
procedure to measure robustness of deep learning models. Literature on adversarial
examples for neural nets has largely focused on image data, which are represented as
points in continuous space. However, a vast proportion of machine learning models
operate on discrete input, and thus demand a similar rigor in understanding their
vulnerabilities and robustness. We study robustness of neural network architectures
for textual and graph inputs, through the lens of adversarial input perturbations.
We will cover methods for both attacks and defense; we will focus on 1) addressing
challenges in optimization for creating adversarial perturbations for discrete data;
2) evaluating and contrasting white-box and black-box adversarial examples; and 3)
proposing efficient methods to make the models robust against adversarial attacks.
Identifier | oai:union.ndltd.org:uoregon.edu/oai:scholarsbank.uoregon.edu:1794/24535
Date | 30 April 2019
Creators | Ebrahimi, Javid
Contributors | Lowd, Daniel
Publisher | University of Oregon
Source Sets | University of Oregon
Language | en_US
Detected Language | English
Type | Electronic Thesis or Dissertation
Rights | All Rights Reserved.