Presented By O’Reilly and Intel AI

Beijing • New York • San Francisco • London

Put AI to Work

April 29-30, 2018: Training

April 30-May 2, 2018: Tutorials & Conference

New York, NY

Fooling neural networks in the physical world

Andrew Ilyas (Massachusetts Institute of Technology), Logan Engstrom (Massachusetts Institute of Technology), Anish Athalye (Massachusetts Institute of Technology)

11:55am–12:35pm Wednesday, May 2, 2018

Interacting with AI, Models and Methods
Location: Concourse A

Average rating:

(5.00, 2 ratings)

Who is this presentation for?

Those concerned about security in machine learning

Prerequisite knowledge

A basic understanding of neural networks, image classification, and backpropagation

What you'll learn

Explore an approach that produces adversarial examples that fool neural networks at any angle in the physical world

Description

Adversarial examples generated with standard methods do not consistently fool a classifier in the physical world, due to a combination of viewpoint shifts, camera noise, and other natural transformations. These examples require complete control over direct input to the classifier, which is fundamentally impossible in many real-world systems.

Andrew Ilyas, Logan Engstrom, and Anish Athalye offer an overview of an algorithm that produces adversarial examples that remain adversarial under an attacker-chosen distribution and demonstrate its application in two dimensions, producing adversarial images that are robust to noise, distortion, and affine transformation and showing that these input distortions are ineffective against robust adversarial examples. They then apply the algorithm to produce the first physical 3D-printed adversarial objects, demonstrating how the approach works in the real world.

Andrew Ilyas

Massachusetts Institute of Technology

Andrew Ilyas is an undergraduate student at the Massachusetts Institute of Technology.

Website

Logan Engstrom

Massachusetts Institute of Technology

Logan Engstrom is an undergraduate student at the Massachusetts Institute of Technology.

Anish Athalye

Massachusetts Institute of Technology

Anish Athalye is a graduate student at the Massachusetts Institute of Technology.

Presented by

Elite Sponsors

Strategic Sponsors

Knowledge Sponsor

Contributing Sponsors

Impact Sponsors

Premier Exhibitors

Supporting Sponsors

Community Partner

Sponsorship Opportunities

For exhibition and sponsorship opportunities, email aisponsorships@oreilly.com

Partner Opportunities

For information on trade opportunities with O'Reilly conferences, email partners@oreilly.com

Contact Us

View a complete list of AI contacts

©2018, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • confreg@oreilly.com