Adversarial Attacks, Coarse Robustness, and Dataless Neural Networks: Novel Techniques for Improved Classification and Combinatorial Optimization

Author

Ismail Alkhouri, University of Central Florida

Abstract

Neural networks (NN) have become a central component in most machine learning systems. However, studies have shown that these models are not robust against adversarial attacks. As such, in this dissertation, we explore four directions. In the first direction, we investigate adversarial attacks on two hierarchical classification (HC) models: the Flat HC (FHC), and the Top-Down HC (TDHC). In particular, we formulate attacks against these models by using convex programming. Through experimental results, it is shown that FHCs are more robust than TDHCs. Second, we formalize a new notion of coarse robustness that is defined with respect to a specified grouping of the class labels. We propose a training mechanism that incorporates the coarse label information in addition to the finer ones, and empirically and theoretically show that this mechanism improves the proposed notion of coarse robustness. The third direction is the Bidirectional One-Shot Synthesis (BOSS) problem for synthesizing adversarial examples using structures similar to generative adversarial networks. However, BOSS does not require the use of any training data. In particular, we explore solutions where the generated data must simultaneously satisfy input/output user-defined constraints. We prove that the BOSS problem is NP-complete, and experimentally verify that the our method either outperforms or performs on par with the state-of-the-art methods. Subsequently, for the fourth direction, we extend the synthesis problem of adversarial attacks to solving the Maximum Independent Set (MIS) problem. This is accomplished by presenting NN structures derived with respect to finding MISs in the graph, where no data is required for training the neural networks that produce the solution. Experimental results on various graphs demonstrate that our proposed method performs on par or outperforms state-of-the-art learning-based methods without requiring any training data.

Notes

If this is your thesis or dissertation, and want to learn how to access it or for more information about readership statistics, contact us at STARS@ucf.edu

Graduation Date

2023

Semester

Spring

Advisor

Mikhael, Wasfy

Degree

Doctor of Philosophy (Ph.D.)

College

College of Engineering and Computer Science

Department

Electrical and Computer Engineering

Degree Program

Electrical Engineering

Format

application/pdf

Identifier

CFE0009469; DP0027466

URL

https://purls.library.ucf.edu/go/DP0027466

Language

English

Release Date

May 2023

Length of Campus-only Access

None

Access Status

Doctoral Dissertation (Open Access)

STARS Citation

Alkhouri, Ismail, "Adversarial Attacks, Coarse Robustness, and Dataless Neural Networks: Novel Techniques for Improved Classification and Combinatorial Optimization" (2023). Electronic Theses and Dissertations, 2020-2023. 1500.
https://stars.library.ucf.edu/etd2020/1500