-
Enhancing Transformation-based Defenses using a Distribution Classifier
Authors:
Connie Kou,
Hwee Kuan Lee,
Ee-Chien Chang,
Teck Khim Ng
Abstract:
Adversarial attacks on convolutional neural networks (CNN) have gained significant attention and there have been active research efforts on defense mechanisms. Stochastic input transformation methods have been proposed, where the idea is to recover the image from adversarial attack by random transformation, and to take the majority vote as consensus among the random samples. However, the transform…
▽ More
Adversarial attacks on convolutional neural networks (CNN) have gained significant attention and there have been active research efforts on defense mechanisms. Stochastic input transformation methods have been proposed, where the idea is to recover the image from adversarial attack by random transformation, and to take the majority vote as consensus among the random samples. However, the transformation improves the accuracy on adversarial images at the expense of the accuracy on clean images. While it is intuitive that the accuracy on clean images would deteriorate, the exact mechanism in which how this occurs is unclear. In this paper, we study the distribution of softmax induced by stochastic transformations. We observe that with random transformations on the clean images, although the mass of the softmax distribution could shift to the wrong class, the resulting distribution of softmax could be used to correct the prediction. Furthermore, on the adversarial counterparts, with the image transformation, the resulting shapes of the distribution of softmax are similar to the distributions from the clean images. With these observations, we propose a method to improve existing transformation-based defenses. We train a separate lightweight distribution classifier to recognize distinct features in the distributions of softmax outputs of transformed images. Our empirical studies show that our distribution classifier, by training on distributions obtained from clean images only, outperforms majority voting for both clean and adversarial images. Our method is generic and can be integrated with existing transformation-based defenses.
△ Less
Submitted 30 January, 2020; v1 submitted 1 June, 2019;
originally announced June 2019.
-
Theoretical and Experimental Analysis on the Generalizability of Distribution Regression Network
Authors:
Connie Kou,
Hwee Kuan Lee,
Jorge Sanz,
Teck Khim Ng
Abstract:
There is emerging interest in performing regression between distributions. In contrast to prediction on single instances, these machine learning methods can be useful for population-based studies or on problems that are inherently statistical in nature. The recently proposed distribution regression network (DRN) has shown superior performance for the distribution-to-distribution regression task co…
▽ More
There is emerging interest in performing regression between distributions. In contrast to prediction on single instances, these machine learning methods can be useful for population-based studies or on problems that are inherently statistical in nature. The recently proposed distribution regression network (DRN) has shown superior performance for the distribution-to-distribution regression task compared to conventional neural networks. However, in Kou et al. (2018) and some other works on distribution regression, there is a lack of comprehensive comparative study on both theoretical basis and generalization abilities of the methods. We derive some mathematical properties of DRN and qualitatively compare it to conventional neural networks. We also perform comprehensive experiments to study the generalizability of distribution regression models, by studying their robustness to limited training data, data sampling noise and task difficulty. DRN consistently outperforms conventional neural networks, requiring fewer training data and maintaining robust performance with noise. Furthermore, the theoretical properties of DRN can be used to provide some explanation on the ability of DRN to achieve better generalization performance than conventional neural networks.
△ Less
Submitted 31 May, 2019; v1 submitted 4 November, 2018;
originally announced November 2018.
-
A Compact Network Learning Model for Distribution Regression
Authors:
Connie Kou,
Hwee Kuan Lee,
Teck Khim Ng
Abstract:
Despite the superior performance of deep learning in many applications, challenges remain in the area of regression on function spaces. In particular, neural networks are unable to encode function inputs compactly as each node encodes just a real value. We propose a novel idea to address this shortcoming: to encode an entire function in a single network node. To that end, we design a compact netwo…
▽ More
Despite the superior performance of deep learning in many applications, challenges remain in the area of regression on function spaces. In particular, neural networks are unable to encode function inputs compactly as each node encodes just a real value. We propose a novel idea to address this shortcoming: to encode an entire function in a single network node. To that end, we design a compact network representation that encodes and propagates functions in single nodes for the distribution regression task. Our proposed Distribution Regression Network (DRN) achieves higher prediction accuracies while being much more compact and uses fewer parameters than traditional neural networks.
△ Less
Submitted 10 July, 2018; v1 submitted 12 April, 2018;
originally announced April 2018.
-
Accurate estimation of influenza epidemics using Google search data via ARGO
Authors:
Shihao Yang,
Mauricio Santillana,
S. C. Kou
Abstract:
Accurate real-time tracking of influenza outbreaks helps public health officials make timely and meaningful decisions that could save lives. We propose an influenza tracking model, ARGO (AutoRegression with GOogle search data), that uses publicly available online search data. In addition to having a rigorous statistical foundation, ARGO outperforms all previously available Google-search-based trac…
▽ More
Accurate real-time tracking of influenza outbreaks helps public health officials make timely and meaningful decisions that could save lives. We propose an influenza tracking model, ARGO (AutoRegression with GOogle search data), that uses publicly available online search data. In addition to having a rigorous statistical foundation, ARGO outperforms all previously available Google-search-based tracking models, including the latest version of Google Flu Trends, even though it uses only low-quality search data as input from publicly available Google Trends and Google Correlate websites. ARGO not only incorporates the seasonality in influenza epidemics but also captures changes in people's online search behavior over time. ARGO is also flexible, self-correcting, robust, and scalable, making it a potentially powerful tool that can be used for real-time tracking of other social events at multiple temporal and spatial resolutions.
△ Less
Submitted 16 November, 2015; v1 submitted 4 May, 2015;
originally announced May 2015.
-
Development and Application of a Diaphragm Micro-Pump with Piezoelectric Device
Authors:
H. K. Ma,
B. R. Hou,
H. Y. Wu,
C. Y. Lin,
J. J. Gao,
M. C. Kou
Abstract:
In this study, a new type of thin, compact, and light weighed diaphragm micro-pump has been successfully developed to actuate the liquid by the vibration of a diaphragm. The micro-diaphragm pump with two valves is fabricated in an aluminum case by using highly accurate CNC machine, and the cross-section dimension is 5mm x 8mm. Both valves and diaphragm are manufactured from PDMS. The amplitude o…
▽ More
In this study, a new type of thin, compact, and light weighed diaphragm micro-pump has been successfully developed to actuate the liquid by the vibration of a diaphragm. The micro-diaphragm pump with two valves is fabricated in an aluminum case by using highly accurate CNC machine, and the cross-section dimension is 5mm x 8mm. Both valves and diaphragm are manufactured from PDMS. The amplitude of vibration by a piezoelectric device produces an oscillating flow which may change the chamber volume by changing the curvature of a diaphragm. Several experimental set-ups for performance test in a single micro-diaphragm pump, isothermal flow open system, and a closed liquid cooling system is designed and implemented. The performance of one-side actuating micro-diaphragm pump is affected by the design of check valves, diaphragm, piezoelectric device, chamber volume, input voltage and frequency. The measured maximum flow rate of present design is 72 ml/min at zero total pump head in the range of operation frequency 70-180 Hz.
△ Less
Submitted 21 February, 2008;
originally announced February 2008.
