Profile picture
nick frosst
@nickfrosst
, 9 tweets, 4 min read Read on Twitter
My new paper with @NicolasPapernot and @GeoffreyHinton is out on arXiv today. It’s about the similarity structure of representations space, outlier data (e.g. adversarial attacks) and generative models. Don’t have time to read the paper? Read this instead! arxiv.org/abs/1902.01889
Our paper focused on a loss we call Soft Nearest Neighbor Loss (SNNL). It measures the entanglement of labeled data points. Data with high SNNL has muddled up classes, while the classes of a data set with low SNNL are easy to separate.
We can measure the SNNL of the data in the hidden layers of a resnet during training and show that each layer separates the data slightly more than the previous layer. the last layer learns a representation of the data which separates the classes, so it has the lowest SNNL value
But entanglement can be desirable! You want the output of a GAN to be entangled with real data. If we measure the SNNL between real and generated data, we can see that SNNL increases over training. It serves as a good tool for understanding GAN training.
What happens if we learn a classifier by maximizing the SNNL of each hidden layer in addition to minimizing cross-entropy? We call these *Entangled Models* because their internal class representations are entangled. Surprisingly, this marginally increases performance!
Entangled models are better at detecting adversarial attacks using the DkNN. We estimate the uncertainty of each classification and find that entangled models project outlier data away from the expected manifold, making adversarial attacks easier to detect.
Entangled models are less vulnerable to black box attacks based on transferability. If we visualize the adversarial gradients of a targeted FGSM attack for normal models, we see shared class clusters. This enables transferability. These clusters don't exist with entangled models!
Entangled models arent trained with a specific attack in mind, so they should be good at distinguishing all outlier data from real data. If we train a model on MNIST and test it on notMIST, we see that entangled models project the outlier data far away from the real test data.
Read the paper for a more thorough investigation of this exciting loss and the effects of entangling classes in classifications networks and adversarial examples as well as an investigation of SNNL loss in GAN settings :) thanks for reading :)
arxiv.org/abs/1902.01889
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to nick frosst
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @nickfrosst see all

Profile picture
nick frosst
@nickfrosst
1/7 Our new paper on adversarial attack detection and capsule networks with @sabour_sara and Geoff Hinton is out on arxiv today! arxiv.org/abs/1811.06969 it will be presented at the #NeurIPS Workshop on Security. Don't have time to read the paper? Read this thread instead! :)
2/7 The problem with adversarial examples is that they dont look like what they are classified as. Capsule networks output both a classification and a reconstruction of the input conditioned on the classification. A reconstruction of an adversarial looks different from the input
3/7 We can create a detection algorithm by defining a threshold for reconstruction error from a validation set, and flag inputs as adversarial if the reconstruction error exceeds this threshold.
Read 7 tweets

Related threads

Profile picture
literallyjustq
@literallyjustq
A little thread, which I may come back to, for all those #technophobes who blame rise in #suicide on #socialmedia.

First: legit, what rise?
Second: The actual experts do not agree with you, and your fear-mongering is likely causing more harm than good.
cf. Thomas, K, and Gunnell, D. (2010). Suicide in England and Wales 1861–2007: a time-trends analysis. International Journal of Epidemiology, Volume 39, Issue 6, December 2010, Pages 1464–1475.
So, first the data, from #UK (above) and elsewhere (below).

Clearly if this epidemic was *caused* by a *single* factor it would permeate all societies with social media.

[Suicide Rates for Teens Aged 15–19 Years, by Sex — United States, 1975–2015, #USA]
Read 63 tweets
Profile picture
Lola Netty
@TXTrumpette89
FACEBOOK RETURNING TO THE NEWS.
LIFELOG (DARPA) ENDS > Facebook BEGINS
#LIFELOG (DARPA) TEAM TRANSFER > FB
WHAT (#DARPA) TEAM MEMBERS PAST/PRESENT WORK FOR FB?
WHAT DIVISIONS?
LOCATE (3) DVIQX15C
(9) TOTAL (6_NON PUB).
BUILDING 8 EXPOSED (HERE) WHEN?
[4-11-18]
*THINK SCRAMBLE [OFFLINE SCRUB] POST XBOX/PS CHAT LOGS DROP*
[MS SHUTDOWN IMMEDIATELY POST DROP]
BUILDING 8 NEWS RELEASE "RESTRUCTURING BUILDING 8" RELEASE?
Facebook restructures Building 8, separating projects into Reality Labs and Portal groups techcrunch.com/2018/12/14/fac…
Read 130 tweets
Profile picture
Learn German, Interestingly
@LGcommaI
Today is the 200th #birthday of #German actress Marie Baumeister(1819-1887). Inter alia, she played the role of 'Käthchen' in #Kleist's famous history drama 'Das Käthchen von Heilbronn'(set in #medieval #Germany and featuring a en.wikipedia.org/wiki/Trial_by_…).
In
Ludwig Eisenberg:..
..
𝘎𝘳𝘰ß𝘦𝘴 𝘣𝘪𝘰𝘨𝘳𝘢𝘱𝘩𝘪𝘴𝘤𝘩𝘦𝘴 𝘓𝘦𝘹𝘪𝘬𝘰𝘯 𝘥𝘦𝘳 𝘋𝘦𝘶𝘵𝘴𝘤𝘩𝘦𝘯 𝘉𝘶̈𝘩𝘯𝘦 𝘪𝘮 19. 𝘑𝘢𝘩𝘳𝘩𝘶𝘯𝘥𝘦𝘳𝘵, #Leipzig, Verlagsbuchhandlung Paul List. 190,

one finds the following entry on Marie Baumeister:
My translation of the above entry:
'Baumeister Marie, born 1819-02-01 in #Berlin, sister of the person in the preceding entry. She first stood on a stage as a trainee at the court theater of #Schwerin, then had her debut as 'Marie Winter' in #Gutzkow's "Herz und Welt" in ..
Read 13 tweets
Profile picture
Sebastian Ruder
@seb_ruder
#Repl4NLP at #ACL2018 panel discussion:
Q: Given that the amount of data and computing power is rapidly increasing, should we just quit working on models altogether?
Yejin: Sounds like a good idea for the companies. The more data the better. Please create more data.
Meg: Different people have different strengths. People say: “We should all care about ethics”. Geek out about what you love. Apply yourself to what you. Lots of other things that come to bear besides just working with data, e.g. sociology, psychology, maths, etc.
Important to focus on what you really love. Work with people that have complimentary and different interests.
Yoav: Personally don’t work on huge data. If some company would like to train a huge LM on the entire web, that’d be great to have and analyze.
Read 39 tweets
Profile picture
Simon DeDeo
@SimonDeDeo
Kullback-Leibler divergence has an enormous number of interpretations and uses: psychological, epistemic, thermodynamic, statistical, computational, geometrical... I am pretty sure I could teach an entire graduate seminar on it.
Psychological: an excellent predictor of where attention is directed. ilab.usc.edu/surprise/
Epistemic: a normative measure of where you ought to direct your experimental efforts (maximize expected model-breaking) jstor.org/stable/4623265
Read 26 tweets
Profile picture
Matt Brown
@xleem
Up Now: @lizthegrey and @adam7mck on Resolving Outages Faster with Better Debugging Strategies #SREcon
I work with Liz, Adam is a top guy. There's some exciting stuff in this talk. Listen up! #SREcon
Liz - 8+ years at Google, now CRE. Excited about sharing things we've learnt with the world.

Adam - 18mths at Google, SRE/DevOps type-person for 8-10 years. Excited to share things that blew his socks off when joining Google.

#SREcon
Read 50 tweets

Trending hashtags

#datascience #PeoplesVote #bitcoin #8thref #blockchain #StopBrexit #HDFC #Depression #Maruti #Danzig #huntthespooks #Myths #Hannover #Bitcoin #ODSCWest #UK #increase #Decred #POTUS #PRISM #HongKong #XKeyscore #Australia #MFF #Sweden
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!