Statistics > Machine Learning
[Submitted on 5 Feb 2018 (v1), revised 8 Oct 2018 (this version, v3), latest version 16 Jun 2019 (v4)]
Title:Adversarial Vulnerability of Neural Networks Increases With Input Dimension
View PDFAbstract:Over the past four years, neural networks have been proven vulnerable to adversarial images: targeted but imperceptible image perturbations lead to drastically different predictions. We show that adversarial vulnerability increases with the gradients of the training objective when viewed as a function of the inputs. For most current network architectures, we prove that the $\ell_1$-norm of these gradients grows as the square root of the input size. These nets therefore become increasingly vulnerable with growing image size. Our proofs rely on the network's weight distribution at initialization, but extensive experiments confirm that our conclusions still hold after training.
Submission history
From: Carl-Johann Simon-Gabriel [view email][v1] Mon, 5 Feb 2018 14:36:44 UTC (551 KB)
[v2] Tue, 29 May 2018 13:26:43 UTC (1,072 KB)
[v3] Mon, 8 Oct 2018 19:01:10 UTC (1,080 KB)
[v4] Sun, 16 Jun 2019 20:55:06 UTC (2,485 KB)
Current browse context:
stat.ML
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.