Overview / Usage

Deep Learning has brought us tremendous achievements in the field of Computer Vision. In spite of the impeccable success, modern Deep Learning systems are still prone to adversaries. Let's talk in terms of Computer Vision. Consider an image of a polar bear and an instance of it (X1). A Deep Learning-based image classifier is able to successfully X1 as a polar bear. Now consider another instance of a polar bear X2 which is a slightly perturbed version of X1. To the human eyes, it would still be a polar bear but for that same image classifier, it would be an ant. These perturbations are referred to as image adversaries.

​

This project showcases examples of:

• Creating image adversaries in two forms: normal attacks and targetted attacks.
• Training an adversarially robust image classifier using the Neural Structured Learning framework.

Methodology / Approach

First, I show how to create image adversaries drawing motivation from the classical Fast-Sgn Gradient Method proposed by Goodfellow et al. In the second part, I show how to train adversarially robust image classifiers using the Neural Structured Learning framework by TensorFlow.

Technologies Used

• TensorFlow core

• Keras

• Neural Structured Learning

Repository

https://github.com/sayakpaul/Image-Adversaries-101