Abstract
The flexibility and high-accuracy of Deep Neural Networks (DNNs) has transformed computer vision. But, the fact that we do not know when a specific DNN will work and when it will fail has resulted in a lack of trust. A clear example is self-driving cars; people are uncomfortable sitting in a car driven by algorithms that may fail under some unknown, unpredictable conditions. Interpretability and explainability approaches attempt to address this by uncovering what a DNN models, i.e., what each node (cell) in the network represents and what images are most likely to activate it. This can be used to generate, for example, adversarial attacks. But these approaches do not generally allow us to determine where a DNN will succeed or fail and why. i.e., does this learned representation generalize to unseen samples? Here, we derive a novel approach to define what it means to learn in deep networks, and how to use this knowledge to detect adversarial attacks. We show how this defines the ability of a network to generalize to unseen testing samples and, most importantly, why this is the case.
| Original language | English |
|---|---|
| Title of host publication | 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) |
| Number of pages | 10 |
| Publisher | IEEE Communications Society |
| Publication date | 20 Jun 2019 |
| Pages | 4752-4761 |
| Article number | 8953424 |
| ISBN (Print) | 978-1-7281-3294-5 |
| DOIs | |
| Publication status | Published - 20 Jun 2019 |
| Externally published | Yes |
| Event | 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) - Long Beach, CA, USA Duration: 15 Jun 2019 → 20 Jun 2019 |
Conference
| Conference | 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) |
|---|---|
| Location | Long Beach, CA, USA |
| Period | 15/06/2019 → 20/06/2019 |