
On the Robustness of Deep KNearest Neighbors
Despite a large amount of attention on adversarial examples, very few wo...
read it

On the Geometry of Adversarial Examples
Adversarial examples are a pervasive phenomenon of machine learning mode...
read it

Adversarial Training with Voronoi Constraints
Adversarial examples are a pervasive phenomenon of machine learning mode...
read it

Defending Against Adversarial Examples with KNearest Neighbor
Robustness is an increasingly important property of machine learning mod...
read it

AdvKnn: Adversarial Attacks On KNearest Neighbor Classifiers With Approximate Gradients
Deep neural networks have been shown to be vulnerable to adversarial exa...
read it

Evaluating the Robustness of Nearest Neighbor Classifiers: A PrimalDual Perspective
We study the problem of computing the minimum adversarial perturbation o...
read it

Detecting Human Interventions on the Landscape: KAZE Features, Poisson Point Processes, and a Construction Dataset
We present an algorithm capable of identifying a wide variety of humani...
read it
Adversarial Examples for kNearest Neighbor Classifiers Based on HigherOrder Voronoi Diagrams
Adversarial examples are a widely studied phenomenon in machine learning models. While most of the attention has been focused on neural networks, other practical models also suffer from this issue. In this work, we propose an algorithm for evaluating the adversarial robustness of knearest neighbor classification, i.e., finding a minimumnorm adversarial example. Diverging from previous proposals, we take a geometric approach by performing a search that expands outwards from a given input point. On a high level, the search radius expands to the nearby Voronoi cells until we find a cell that classifies differently from the input point. To scale the algorithm to a large k, we introduce approximation steps that find perturbations with smaller norm, compared to the baselines, in a variety of datasets. Furthermore, we analyze the structural properties of a dataset where our approach outperforms the competition.
READ FULL TEXT
Comments
There are no comments yet.