An Investigation of Bounded Misclassification for Operational Security of Deep Neural Networks

Deep Neural Networks are known to be prone to incomprehensible mistakes on the inputs they do misclassify. However, from the perspective of an end-to-end system built on top of a classifier, there may be additional layers of decision making that may actually be immune to particular kinds of misclassification. For example, if a drone ends up misclassifying a yellow school bus as something similar, such as a cab instead of, say, an enemy tank, then the underlying decision problem of ignoring this object as a possible target remains the same, and hence unaffected. In this brief abstract, we discuss this notion of robustness called “bounded misclassification” that is domain-specific and operational, and is specifically predicated on the overall functionalities of a particular application.

[1]  Logan Engstrom,et al.  Synthesizing Robust Adversarial Examples , 2017, ICML.

[2]  Ananthram Swami,et al.  The Limitations of Deep Learning in Adversarial Settings , 2015, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[3]  Seyed-Mohsen Moosavi-Dezfooli,et al.  DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks , 2015, 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[4]  Ananthram Swami,et al.  Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks , 2015, 2016 IEEE Symposium on Security and Privacy (SP).

[5]  Pieter Abbeel,et al.  Combined task and motion planning through an extensible planner-independent interface layer , 2014, 2014 IEEE International Conference on Robotics and Automation (ICRA).

[6]  Joan Bruna,et al.  Intriguing properties of neural networks , 2013, ICLR.

[7]  Subbarao Kambhampati,et al.  On the Relations Between Intelligent Backtracking and Failure-Driven Explanation-Based Learning in Constraint Satisfaction and Planning , 1998, Artif. Intell..

[8]  James A. Hendler,et al.  HTN Planning: Complexity and Expressivity , 1994, AAAI.

[9]  Michael J. Pazzani,et al.  Reducing Misclassification Costs , 1994, ICML.