解释和利用对抗样本

Dec, 2014

Explaining and Harnessing Adversarial Examples

Ian J. Goodfellow, Jonathon Shlens, Christian Szegedy

TL;DR机器学习模型因神经网络的线性特性容易受到对抗性扰动的影响，该现象不同于过拟合和非线性，但可以通过生成对抗性训练样本来减小MNIST数据集中maxout网络的误差。

Abstract

Several machine learning models, including neural networks, consistently misclassify adversarial examples---inputs formed by applying smal