Deep Neural Network Ensembles against Deception: Ensemble Diversity, Accuracy and Robustness
This work addresses the need for more robust and accurate deep learning models against deception, but it is incremental as it builds on existing ensemble methods without introducing a new paradigm.
The paper tackles the problem of improving deep neural network ensemble performance by focusing on diversity, which enhances accuracy and robustness against adversarial attacks. It provides an overview of diversity types, measures, and algorithms for creating and combining ensembles to achieve high accuracy.
Ensemble learning is a methodology that integrates multiple DNN learners for improving prediction performance of individual learners. Diversity is greater when the errors of the ensemble prediction is more uniformly distributed. Greater diversity is highly correlated with the increase in ensemble accuracy. Another attractive property of diversity optimized ensemble learning is its robustness against deception: an adversarial perturbation attack can mislead one DNN model to misclassify but may not fool other ensemble DNN members consistently. In this paper we first give an overview of the concept of ensemble diversity and examine the three types of ensemble diversity in the context of DNN classifiers. We then describe a set of ensemble diversity measures, a suite of algorithms for creating diversity ensembles and for performing ensemble consensus (voted or learned) for generating high accuracy ensemble output by strategically combining outputs of individual members. This paper concludes with a discussion on a set of open issues in quantifying ensemble diversity for robust deep learning.