Explainability and Adversarial Robustness for RNNs

Hartl, Alexander; Bachl, Maximilian; Fabini, Joachim; Zseby, Tanja

doi:10.48550/arxiv.1912.09855

Cited by 2 publications

(3 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to them, gradient similarity shows the influence of training data on test samples, and behaves differently for genuine and adversarial input samples, enabling the detection of various adversarial attacks with high accuracy. Some other interesting works are relying on explainable ML techniques to guard against adversarial attacks [25], [218], [220], [221]. However, the explanations/information regarding the working mechanism of ML algorithms revealed by explainability methods could also be utilized to generate more effective adversarial attacks on the algorithms [57].…”

Section: Agriculturementioning

confidence: 99%

Developing Future Human-Centered Smart Cities: Critical Analysis of Smart City Security, Interpretability, and Ethical Challenges

Ahmad¹,

Maabreh²,

Ghaly³

et al. 2020

Preprint

View full text Add to dashboard Cite

As we make tremendous advances in machine learning and artificial intelligence (ML/AI) technosciences, there is a renewed understanding in the ML/AI community that we must ensure that humans being are at the center of our deliberations so that we don't end in technology-induced dystopias. As strongly argued by Green in his book "Smart Enough City", the incorporation of technology in city environs does not automatically translate into prosperity, wellbeing, urban livability, or social justice. There is a great need to deliberate on the future of the cities worth living and designing. There are philosophical and ethical questions involved along with various challenges that relate to the security, safety, and interpretability of ML/AI algorithms that will form the technological bedrock of future cities. A number of research institutes on humancentered AI (HAI) have been established at top international universities-including Stanford Institute for Human-Centered Artificial Intelligence (HAI), Berkeley's Center for Human-Compatible AI (CHAI), and MIT Institute for Data, Systems, and Society (IDSS). Globally there are calls for technology to be made more humane and human-compatible. For example, Stuart Russell has a book called Human-Compatible AI. The Center for Humane Technology advocates for regulators and technology companies to avoid business models and product features that contribute to social problems such as extremism, polarization, misinformation, and Internet addiction. In this paper, we analyze and explore key challenges including security, robustness, interpretability, and ethical (data and algorithmic) challenges to a successful deployment of AI/ML in human-centric applications, with a particular emphasis on the convergence of these concepts/challenges. We provide a detailed review of existing literature on these key challenges and analyze how one of these challenges may lead to others or help in solving other challenges. The paper also advises on the current limitations, pitfalls, and future directions of research in these domains, and how it can fill the current gaps and lead to better solutions. We believe such rigorous analysis will provide a baseline for future research in the domain.

show abstract

Section: Agriculturementioning

confidence: 99%

Developing Future Human-Centered Smart Cities: Critical Analysis of Smart City Security, Interpretability, and Ethical Challenges

Ahmad¹,

Maabreh²,

Ghaly³

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…Papernot et al [16] have proposed the adversarial distance, which measures distances between different labels using gradient information to indicate the risk of misclassification between classes. Meanwhile, in the NIDS domain, Hartl et al [8] have developed the Adversarial Risk Score (ARS), which is a distance-based robustness score for classifiers against adversarial examples. In their work, they use a Recurrent Neural Network (RNN) for classification, and investigate the feature sensitivity of their classifier.…”

Section: Related Workmentioning

confidence: 99%

“…due to complementary security measures). Moreover, weights can be assigned empirically using a feature sensitivity analysis [8].…”

Section: Feature Analysis and Groupingmentioning

confidence: 99%

Subverting Network Intrusion Detection: Crafting Adversarial Examples Accounting for Domain-Specific Constraints

Teuffenbach

Piątkowska

Smith

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Deep Learning (DL) algorithms are being applied to network intrusion detection, as they can outperform other methods in terms of computational efficiency and accuracy. However, these algorithms have recently been found to be vulnerable to adversarial examples -inputs that are crafted with the intent of causing a Deep Neural Network (DNN) to misclassify with high confidence. Although a significant amount of work has been done to find robust defence techniques against adversarial examples, they still pose a potential risk. The majority of the proposed attack and defence strategies are tailored to the computer vision domain, in which adversarial examples were first found. In this paper, we consider this issue in the Network Intrusion Detection System (NIDS) domain and extend existing adversarial example crafting algorithms to account for the domain-specific constraints in the feature space. We propose to incorporate information about the difficulty of feature manipulation directly in the optimization function. Additionally, we define a novel measure for attack cost and include it in the assessment of the robustness of DL algorithms. We validate our approach on two benchmark datasets and demonstrate successful attacks against state-of-the-art DL network intrusion detection algorithms.

show abstract

Explainability and Adversarial Robustness for RNNs

Cited by 2 publications

References 15 publications

Developing Future Human-Centered Smart Cities: Critical Analysis of Smart City Security, Interpretability, and Ethical Challenges

Developing Future Human-Centered Smart Cities: Critical Analysis of Smart City Security, Interpretability, and Ethical Challenges

Subverting Network Intrusion Detection: Crafting Adversarial Examples Accounting for Domain-Specific Constraints

Contact Info

Product

Resources

About