Skip to main content

Uncertainty estimation based adversarial attack in multi-class classification.

Alarab, I. and Prakoonwit, S., 2022. Uncertainty estimation based adversarial attack in multi-class classification. Multimedia Tools and Applications. (In Press)

Full text available as:

[img]
Preview
PDF (OPEN ACCESS ARTICLE)
s11042-022-13269-1.pdf - Published Version
Available under License Creative Commons Attribution.

1MB
[img] PDF
Uncertainty Estimation based Adversarial Attack in Multi-Class Classification.pdf - Accepted Version
Restricted to Repository staff only
Available under License Creative Commons Attribution Non-commercial.

954kB

DOI: 10.1007/s11042-022-13269-1

Abstract

Model uncertainty has gained popularity in machine learning due to the overconfident predictions derived from standard neural networks which are not trustworthy. Recently, Monte-Carlo based adversarial attack (MC-AA) has been proposed as a simple uncertainty estimation method which is powerful in capturing data points that lie in the overlapping distribution of the decision boundary. MC-AA produces uncertainties by performing back-and-forth perturbations of a given data point towards the decision boundary using the idea of adversarial attacks. Despite its efficacy against other uncertainty estimation methods, this method has been only examined on binary classification problems. Thus, we present and examine MC-AA with multi-class classification tasks. We point out the limitation of this method with multiple classes which we tackle by converting multiclass problem into 'one-versus-all' classification. We compare MC-AA against other recent model uncertainty methods on Cora – a graph structured dataset – and MNIST – an image dataset. Thus, the conducted experiments are performed using a variety of deep learning algorithms to perform the classification. Consequently, we discuss the best results of model uncertainty with Cora data using LEConv model of AUC-score 0.889 and MNIST data using CNN of AUC-score 0.98 against other uncertainty estimation methods.

Item Type:Article
ISSN:1380-7501
Additional Information:Funded by Artificial intelligence assisted virtual reality system for blockchain network
Uncontrolled Keywords:Uncertainty estimation; Adversarial attack; Deep neural network
Group:Faculty of Science & Technology
ID Code:37047
Deposited By: Symplectic RT2
Deposited On:10 Jun 2022 13:35
Last Modified:07 Sep 2022 14:39

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -