Showing papers by "Terrance E. Boult published in 2019"


Journal ArticleDOI
17 Jul 2019
TL;DR: This paper summarizes the state of the art, core ideas, and results and explains why, despite the efforts to date, the current techniques are genuinely insufficient for handling unknown inputs, especially for deep networks.
Abstract: As science attempts to close the gap between man and machine by building systems capable of learning, we must embrace the importance of the unknown. The ability to differentiate between known and unknown can be considered a critical element of any intelligent self-learning system. The ability to reject uncertain inputs has a very long history in machine learning, as does including a background or garbage class to account for inputs that are not of interest. This paper explains why neither of these is genuinely sufficient for handling unknown inputs – uncertain is not unknown, and unknowns need not appear to be uncertain to a learning system. The past decade has seen the formalization and development of many open set algorithms, which provably bound the risk from unknown classes. We summarize the state of the art, core ideas, and results and explain why, despite the efforts to date, the current techniques are genuinely insufficient for handling unknown inputs, especially for deep networks.

112 citations


Journal ArticleDOI
TL;DR: It is demonstrated that natural adversarial samples commonly occur and it is shown that many of these images remain misclassified even with additional training epochs, even though their correct classification may require only a small adjustment to network parameters.

59 citations


Posted Content
TL;DR: The tent activation function with bounded open space risk is introduced, and it is shown that tents make deep learning models more robust to adversarial attacks, with an average accuracy against white-box attacks more than 15 percentage points above the state of the art.
Abstract: Adversarial examples contain small perturbations that can remain imperceptible to human observers but alter the behavior of even the best performing deep learning models and yield incorrect outputs. Since their discovery, adversarial examples have drawn significant attention in machine learning: researchers try to reveal the reasons for their existence and improve the robustness of machine learning models to adversarial perturbations. The state-of-the-art defense is the computationally expensive and very time-consuming adversarial training via projected gradient descent (PGD). We hypothesize that adversarial attacks exploit the open space risk of classic monotonic activation functions. This paper introduces the tent activation function with bounded open space risk and shows that tents make deep learning models more robust to adversarial attacks. We demonstrate on the MNIST dataset that a classifier with tents yields an average accuracy of 91.8% against six white-box adversarial attacks, which is more than 15 percentage points above the state of the art. On the CIFAR-10 dataset, our approach improves the average accuracy against the six white-box adversarial attacks to 73.5% from the 41.8% achieved by adversarial training via PGD.

13 citations


Proceedings ArticleDOI
01 May 2019
TL;DR: This paper examines the performance of deep learning networks in detecting the sensitivity levels of a given text and proposes techniques to expand training set size, minimize the number of padding characters in sequences, and lower input dimensionality by learning from segments of long paragraphs as independent instances.
Abstract: The problem of sensitive information leaks became apparent in recent infamous security breaches such as WikiLeaks, the DNC emails, and the Panama Papers. Detecting sensitive texts on the fly enhances the capabilities of security solutions to monitor and protect critical information flow within the network. Automated text security classification is a relatively new research area, in which sensitive texts are marked with labels such as Secret, Confidential, and Unclassified with no human interaction. This paper examines the performance of deep learning networks in detecting the sensitivity levels of a given text. In deep text classification networks, regardless of text sample length, each paragraph/sentence is represented by a single sequence. We propose techniques to expand training set size, minimize the number of padding characters in sequences, and lower input dimensionality by learning from segments of long paragraphs as independent instances. Also, we introduce a wide variant of a Convolutional Neural Network (CNN) evaluated on four large sets of U.S. embassy diplomatic cables. We are not aware of any paper that has applied deep networks to sensitive text classification. Thus, we further evaluate our multi-sequencing technique and CNN network on well-researched non-sensitive text corpora. Our approach outperformed the state-of-the-art models on non-sensitive text datasets and competed with other traditional classifiers on the sensitive text datasets.

3 citations