Abstract
Neural networks (NNs) have become a central component in most machine learning systems. However, studies have shown that these models are not robust against adversarial attacks. As such, in this dissertation, we explore four directions. In the first direction, we investigate adversarial attacks on two hierarchical classification (HC) models: the Flat HC (FHC), and the Top-Down HC (TDHC). In particular, we formulate attacks against these models by using convex programming. Through experimental results, it is shown that FHCs are more robust than TDHCs. Second, we formalize a new notion of coarse robustness that is defined with respect to a specified grouping of the class labels. We propose a training mechanism that incorporates the coarse label information in addition to the finer ones, and empirically and theoretically show that this mechanism improves the proposed notion of coarse robustness. The third direction is the Bidirectional One-Shot Synthesis (BOSS) problem for synthesizing adversarial examples using structures similar to generative adversarial networks. However, BOSS does not require the use of any training data. In particular, we explore solutions where the generated data must simultaneously satisfy input/output user-defined constraints. We prove that the BOSS problem is NP-complete, and experimentally verify that our method either outperforms or performs on par with the state-of-the-art methods. Subsequently, for the fourth direction, we extend the synthesis problem of adversarial attacks to solving the Maximum Independent Set (MIS) problem. This is accomplished by presenting NN structures derived with respect to finding MISs in the graph, where no data is required for training the neural networks that produce the solution. Experimental results on various graphs demonstrate that our proposed method performs on par with or outperforms state-of-the-art learning-based methods without requiring any training data.
Graduation Date
2023
Semester
Spring
Advisor
Mikhael, Wasfy
Degree
Doctor of Philosophy (Ph.D.)
College
College of Engineering and Computer Science
Department
Electrical and Computer Engineering
Degree Program
Electrical Engineering
Format
application/pdf
Identifier
CFE0009469; DP0027466
URL
https://purls.library.ucf.edu/go/DP0027466
Language
English
Release Date
May 2023
Length of Campus-only Access
None
Access Status
Doctoral Dissertation (Open Access)
STARS Citation
Alkhouri, Ismail, "Adversarial Attacks, Coarse Robustness, and Dataless Neural Networks: Novel Techniques for Improved Classification and Combinatorial Optimization" (2023). Electronic Theses and Dissertations, 2020-2023. 1500.
https://stars.library.ucf.edu/etd2020/1500