Profile picture
nick frosst @nickfrosst
, 7 tweets, 3 min read Read on Twitter
1/7 Our new paper on adversarial attack detection and capsule networks with @sabour_sara and Geoff Hinton is out on arxiv today! arxiv.org/abs/1811.06969 it will be presented at the #NeurIPS Workshop on Security. Don't have time to read the paper? Read this thread instead! :)
2/7 The problem with adversarial examples is that they dont look like what they are classified as. Capsule networks output both a classification and a reconstruction of the input conditioned on the classification. A reconstruction of an adversarial looks different from the input
3/7 We can create a detection algorithm by defining a threshold for reconstruction error from a validation set, and flag inputs as adversarial if the reconstruction error exceeds this threshold.
4/7 This is an attack agnostic detection algorithm that works quite well for the three datasets we tested - MNIST, fashionMNIST and SVHN and the attacks we tested - black box and white box FGSM and BIM attacks
5/7 The reconstruction error is itself differentiable; we can make a stronger attack by minimize reconstruction error and maximize classification error. This attack can trick our detection, but the results aren't really ‘adversarial’ - they resemble members of the target class
6/7 This is true for MNIT and fashionMNIST
7/7 And SVHN. Read the paper to see to our work in full :) arxiv.org/abs/1811.06969
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to nick frosst
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#NeurIPS

Related threads

Profile picture
new paper with eric potash and @s010n: arxiv.org/abs/1811.07867
we hope the paper can guide thinking about goals, sampling, measurement, causality, and conditional probability (@stat110 !) for prediction-based decisions
especially for high-impact decisions, where carelessness tends to harm already-disadvantaged groups
Read 6 tweets
Profile picture
@francesc @vadimlearning First #MLonCode paper presented by @vadimlearning is "code2vec: Learning Distributed Representations of Code" by Uri Alon, Meital Zilberstein, @omerlevy_, and @yahave.

arxiv.org/abs/1803.09473
@francesc @vadimlearning @omerlevy_ @yahave The second #MLonCode paper, also presented by @vadimlearning, is "A General Path-Based Representation for Predicting Program Properties" by ... wait for it ... Uri Alon, Meital Zilberstein, @omerlevy_, and @yahave 🎉

arxiv.org/abs/1803.09544
@francesc @vadimlearning @omerlevy_ @yahave Next, our #ML intern Romain Keramitas, is reviewing the #MLonCode paper "Mining Idioms from Source Code" by Miltiadis Allamanis and @RandomlyWalking

arxiv.org/abs/1404.0417
Read 15 tweets
Profile picture
Deep reinforcement learning overfits. Often, a trained network can only play the particular level(s) you trained it on! In our new paper, we show how to train more general networks with procedural level generation, generating progressively harder levels.
arxiv.org/abs/1806.10729
The paper, written by @nojustesen @ruben_torrado @FilipoGiovanni @Amidos2006, me and @risi1979, builds on the General Video Game AI framework, which includes more than a hundred different games and lets you easily modify games and levels (and generate new ones).
We also build on ours and others' research on procedural content generation for games, a research field studying algorithms that can create new game content such as levels. Useful not only for game development but also for AI testing.
More on PCG:
pcgbook.com
Read 11 tweets
Profile picture
Paper day! "Fitting the Radial Acceleration Relation to Individual SPARC Galaxies" by our brilliant student Pengfei Li: arxiv.org/abs/1803.00022 A thread will follow!
In arxiv.org/abs/1609.05917 and arxiv.org/abs/1610.08981 we show that baryons and dynamics are tightly linked in galaxies at a *local* level: the observed acceleration (from the gas rotation curve) correlates with that expected from the distribution of baryons (using Newton's law).
At high accelerations gobs=gbar because baryons fully dominate the dynamics. These data come from the central parts of massive galaxies where there is no need for dark matter. At low accelerations, the data deviates from the 1:1 line. That's the classic indication of dark matter!
Read 15 tweets
Profile picture
Gravitational corrections to the value of the muon #gminus2 - a quick roundup.

It all started with this paper - arxiv.org/abs/1801.10246 - the 3rd in a trilogy. Claimed that a correction due to Earth's gravity should alleviate tension between theory and experiment:
In a blog post - motls.blogspot.nl/2018/02/experi… - @lumidek points out (among other things) that if you're considering corrections due to the gravitational potential, the Sun's potential should dominate, not the Earth's
On twitter (and in a blog post) - realselfenergy.blogspot.nl/2018/02/update… - @PitifulRed offers a short proof of why the gravitational correction must be zero.
Read 7 tweets
Profile picture
Today’s morning session at the @InHenriPoincare is a tutorial “Verification of Quantum computing” by Elham Kashefi

A recent review: arXiv:1706.06984 arxiv.org/abs/1709.06984

#LTQI
Elham Kashefi: Verfication addresses different questions.
1) Test the hardware (tomography like)

2) Test the application: Test is honest behaviour if we use quantum computer for secrecy, test if the answer is correct if we use QC for speed
#LTQI
Elham Kashefi: If a QC solves a classically intractable problem, how can we “verify” the outcome of experiment ?
In complexity ∃MA, Merlin-Arthur: problems who can be verified in BPP when given a proof (aka witness).
But we thing BPQ≠MA.
Even if BQP⊆MA, proof is hard to find
Read 28 tweets

Trending hashtags

#celiac #dataviz #TensorBoard #ProjectAlchemist #kpti #deeplearning #NeurIPS2018 #AlphaFold #statsmisconception #DarkMatter #Haskell #P #statsmisconceptions #neurips4creativity #GAN #TFadvent #kaiser #VR #MachineLearning #arXiv #ModifiedGravity #CogSci2018 #L #GANpaint #Myanmar

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!