{"title":"CNN模型训练集扰动与鲁棒性的关系","authors":"Zili Wu, Jun Ai, Minyan Lu, Jie Wang, Liang Yan","doi":"10.1109/DSA56465.2022.00077","DOIUrl":null,"url":null,"abstract":"Convolutional Neural Network (CNN) models perform well in image processing and are increasingly used in face recognition, self-driving cars, etc. However, CNN models are susceptible to perturbation and thus fail. Adding perturbation samples to the training sets is a method to improve the perturbation resistance of CNN models. In this paper, we give the methods including dataset construction, model retraining, and robustness metrics. The empirical study on the correlation between Project Gradient Descent (PGD) adversarial training and CNN model robustness is carried out in perturbation degree, proportion, and sample feature in training sets. The results show that the trend of CNN model robustness is related to the network architecture and it changes with the perturbation degree and proportion, and that perturbing images with one feature in the training set can improve the ability of CNN models to recognize images with that feature, and training for the scenario to which the CNN model is applied can improve the robustness of the model.","PeriodicalId":208148,"journal":{"name":"2022 9th International Conference on Dependable Systems and Their Applications (DSA)","volume":"92 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Correlation between Training Set Perturbations and Robustness for CNN Models\",\"authors\":\"Zili Wu, Jun Ai, Minyan Lu, Jie Wang, Liang Yan\",\"doi\":\"10.1109/DSA56465.2022.00077\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Convolutional Neural Network (CNN) models perform well in image processing and are increasingly used in face recognition, self-driving cars, etc. However, CNN models are susceptible to perturbation and thus fail. Adding perturbation samples to the training sets is a method to improve the perturbation resistance of CNN models. In this paper, we give the methods including dataset construction, model retraining, and robustness metrics. The empirical study on the correlation between Project Gradient Descent (PGD) adversarial training and CNN model robustness is carried out in perturbation degree, proportion, and sample feature in training sets. The results show that the trend of CNN model robustness is related to the network architecture and it changes with the perturbation degree and proportion, and that perturbing images with one feature in the training set can improve the ability of CNN models to recognize images with that feature, and training for the scenario to which the CNN model is applied can improve the robustness of the model.\",\"PeriodicalId\":208148,\"journal\":{\"name\":\"2022 9th International Conference on Dependable Systems and Their Applications (DSA)\",\"volume\":\"92 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 9th International Conference on Dependable Systems and Their Applications (DSA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSA56465.2022.00077\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 9th International Conference on Dependable Systems and Their Applications (DSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSA56465.2022.00077","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The Correlation between Training Set Perturbations and Robustness for CNN Models
Convolutional Neural Network (CNN) models perform well in image processing and are increasingly used in face recognition, self-driving cars, etc. However, CNN models are susceptible to perturbation and thus fail. Adding perturbation samples to the training sets is a method to improve the perturbation resistance of CNN models. In this paper, we give the methods including dataset construction, model retraining, and robustness metrics. The empirical study on the correlation between Project Gradient Descent (PGD) adversarial training and CNN model robustness is carried out in perturbation degree, proportion, and sample feature in training sets. The results show that the trend of CNN model robustness is related to the network architecture and it changes with the perturbation degree and proportion, and that perturbing images with one feature in the training set can improve the ability of CNN models to recognize images with that feature, and training for the scenario to which the CNN model is applied can improve the robustness of the model.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
