Adversarial Examples in Deep Learning
Optical illusions fool our brains into creating false perceptions. Something similar can be done with deep learning systems. Attackers can intentionally design inputs—known as adversarial examples—that cause deep neural networks to make mistakes. The mistakes might be harmless (classifying an image of a panda as that of a gibbon, for example) or potentially dangerous (a neural network failing to recognize a stop sign because of strategically placed stickers). This panel will discuss adversarial examples: how they can be designed, how ML models can guard against them, if at all, and the connection between robustness against adversarial attacks and the size of deep neural networks, both in theory and in practice.
Moderator: Anil Ananthaswamy
Sébastien Bubeck (Microsoft Research), Melanie Mitchell (Santa Fe Institute), and Laurens van der Maaten (Facebook AI Research)