Representation of White- and Black-Box Adversarial Examples in Deep Neural Networks and Humans: A Functional Magnetic Resonance Imaging Study

05/07/2019
by Chihye Han, et al.

The recent success of brain-inspired deep neural networks (DNNs) in solving complex, high-level visual tasks has led to rising expectations for their potential to match the human visual system. However, DNNs exhibit idiosyncrasies that suggest their visual representation and processing might be substantially different from human vision. One limitation of DNNs is that they are vulnerable to adversarial examples: input images to which subtle, carefully designed noise has been added to fool a machine classifier. The robustness of the human visual system against adversarial examples is potentially of great importance, as it could uncover a key mechanistic feature that machine vision has yet to incorporate. In this study, we compare the visual representations of white- and black-box adversarial examples in DNNs and humans by leveraging functional magnetic resonance imaging (fMRI). We find a small but significant difference in representation patterns between the different (i.e., white- versus black-box) types of adversarial examples in both humans and DNNs. However, unlike DNNs, human performance on categorical judgments is not degraded by either type of noise. These results suggest that adversarial examples may be differentially represented in the human visual system, yet are unable to affect the perceptual experience.
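For readers unfamiliar with the attack setting, the sketch below illustrates how a white-box adversarial example can be generated with the fast gradient sign method (FGSM). This is a generic PyTorch illustration under assumed inputs (a classifier, a batched image tensor, and an integer label), not the specific attack pipeline used in the study. In the black-box setting, by contrast, the attacker has no access to the target model's gradients and typically crafts the perturbation on a surrogate model or via query-based estimation.

```python
# Minimal FGSM sketch (white-box): the attacker uses the target model's own
# gradients to craft a small perturbation. Illustrative only; the paper's
# actual stimuli and attack pipeline are not reproduced here.
import torch
import torch.nn.functional as F

def fgsm_attack(model, image, label, epsilon=0.01):
    """Return an adversarial version of `image` for the given `model`."""
    image = image.clone().detach().requires_grad_(True)
    loss = F.cross_entropy(model(image), label)
    loss.backward()
    # Step in the direction that increases the loss, bounded by epsilon.
    adv = image + epsilon * image.grad.sign()
    return adv.clamp(0.0, 1.0).detach()

# Black-box variant (transfer attack): craft `adv` on a surrogate model the
# attacker controls, then present it to the target model, whose gradients
# are never accessed.
```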
