Towards Adversarial Robustness of Deep Vision Algorithms
It addresses security issues in deep vision algorithms for image classification and denoising, which is incremental as it builds on existing robustness research.
The paper tackles the vulnerability of deep neural networks to adversarial perturbations in computer vision, proposing methods like ObsAtk for evaluation and HAT, TisODE, and CIFS for robustness improvement, and finds that robust denoisers can handle unseen real-world noise.
Deep learning methods have achieved great success in solving computer vision tasks, and they have been widely utilized in artificially intelligent systems for image processing, analysis, and understanding. However, deep neural networks have been shown to be vulnerable to adversarial perturbations in input data. The security issues of deep neural networks have thus come to the fore. It is imperative to study the adversarial robustness of deep vision algorithms comprehensively. This talk focuses on the adversarial robustness of image classification models and image denoisers. We will discuss the robustness of deep vision algorithms from three perspectives: 1) robustness evaluation (we propose the ObsAtk to evaluate the robustness of denoisers), 2) robustness improvement (HAT, TisODE, and CIFS are developed to robustify vision models), and 3) the connection between adversarial robustness and generalization capability to new domains (we find that adversarially robust denoisers can deal with unseen types of real-world noise).