An analysis of adversarial algorithm techniques in image recognition and their countermeasures
The ability of neural network models to generalise and identify unseen data allows for neural networks to operate outside of what it has been trained on, but makes it vulnerable to data samples altered in human imperceptible ways to produce incorrect predictions. This project aims to experimentally...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project (FYP) |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/153433 |
| _version_ | 1811693377660387328 |
|---|---|
| author | Tan, Alastair Song Xin |
| author2 | Kong Wai-Kin Adams |
| author_facet | Kong Wai-Kin Adams Tan, Alastair Song Xin |
| author_sort | Tan, Alastair Song Xin |
| collection | NTU |
| description | The ability of neural network models to generalise and identify unseen data allows for neural networks to operate outside of what it has been trained on, but makes it vulnerable to data samples altered in human imperceptible ways to produce incorrect predictions. This project aims to experimentally test some adversarial algorithms used to fool neural networks, and examine some defensive techniques used to mitigate or prevent such attacks. The MNIST digit dataset, Tensorflow and the Cleverhans Library were used to collect the results required, and it was identified that dropping out neurons and adversarial training not only provided some level of protection against basic adversarial attacks, but improved a model’s capability to generalise and identify unseen, non-adversarial samples. |
| first_indexed | 2024-10-01T06:50:43Z |
| format | Final Year Project (FYP) |
| id | ntu-10356/153433 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2024-10-01T06:50:43Z |
| publishDate | 2021 |
| publisher | Nanyang Technological University |
| record_format | dspace |
| spelling | ntu-10356/1534332021-12-02T06:01:05Z An analysis of adversarial algorithm techniques in image recognition and their countermeasures Tan, Alastair Song Xin Kong Wai-Kin Adams School of Computer Science and Engineering AdamsKong@ntu.edu.sg Engineering::Computer science and engineering The ability of neural network models to generalise and identify unseen data allows for neural networks to operate outside of what it has been trained on, but makes it vulnerable to data samples altered in human imperceptible ways to produce incorrect predictions. This project aims to experimentally test some adversarial algorithms used to fool neural networks, and examine some defensive techniques used to mitigate or prevent such attacks. The MNIST digit dataset, Tensorflow and the Cleverhans Library were used to collect the results required, and it was identified that dropping out neurons and adversarial training not only provided some level of protection against basic adversarial attacks, but improved a model’s capability to generalise and identify unseen, non-adversarial samples. Bachelor of Engineering (Computer Science) 2021-12-02T06:01:04Z 2021-12-02T06:01:04Z 2021 Final Year Project (FYP) Tan, A. S. X. (2021). An analysis of adversarial algorithm techniques in image recognition and their countermeasures. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/153433 https://hdl.handle.net/10356/153433 en application/pdf Nanyang Technological University |
| spellingShingle | Engineering::Computer science and engineering Tan, Alastair Song Xin An analysis of adversarial algorithm techniques in image recognition and their countermeasures |
| title | An analysis of adversarial algorithm techniques in image recognition and their countermeasures |
| title_full | An analysis of adversarial algorithm techniques in image recognition and their countermeasures |
| title_fullStr | An analysis of adversarial algorithm techniques in image recognition and their countermeasures |
| title_full_unstemmed | An analysis of adversarial algorithm techniques in image recognition and their countermeasures |
| title_short | An analysis of adversarial algorithm techniques in image recognition and their countermeasures |
| title_sort | analysis of adversarial algorithm techniques in image recognition and their countermeasures |
| topic | Engineering::Computer science and engineering |
| url | https://hdl.handle.net/10356/153433 |
| work_keys_str_mv | AT tanalastairsongxin ananalysisofadversarialalgorithmtechniquesinimagerecognitionandtheircountermeasures AT tanalastairsongxin analysisofadversarialalgorithmtechniquesinimagerecognitionandtheircountermeasures |