Skip to search formSkip to main contentSkip to account menu

mixup: Beyond Empirical Risk Minimization

This work proposes mixup, a simple learning principle that trains a neural network on convex combinations of pairs of examples and their labels, which improves the generalization of state-of-the-art neural network architectures.
View PDF on arXiv (opens in a new tab)

Countering Adversarial Images using Input Transformations

This paper investigates strategies that defend against adversarial-example attacks on image-classification systems by transforming the inputs before feeding them to the system, and shows that total variance minimization and image quilting are very effective defenses in practice, when the network is trained on transformed images.
View PDF on arXiv (opens in a new tab)

Turning Your Weakness Into a Strength: Watermarking Deep Neural Networks by Backdooring

This work presents an approach for watermarking Deep Neural Networks in a black-box way, and shows experimentally that such a watermark has no noticeable impact on the primary task that the model is designed for.
View PDF on arXiv (opens in a new tab)

Parseval Networks: Improving Robustness to Adversarial Examples

It is shown that Parseval networks match the state-of-the-art in terms of accuracy on CIFAR-10/100 and Street View House Numbers while being more robust than their vanilla counterpart against adversarial examples.
View PDF on arXiv (opens in a new tab)

Efficient softmax approximation for GPUs

This work proposes an approximate strategy to efficiently train neural network based language models over very large vocabularies by exploiting the unbalanced word distribution to form clusters that explicitly minimize the expectation of computational complexity.
View PDF on arXiv (opens in a new tab)

Houdini: Fooling Deep Structured Prediction Models

This work introduces a novel flexible approach named Houdini for generating adversarial examples specifically tailored for the final performance measure of the task considered, be it combinatorial and non-decomposable.
View PDF on arXiv (opens in a new tab)

Fooling End-To-End Speaker Verification With Adversarial Examples

This paper presents white-box attacks on a deep end-to-end network that was either trained on YOHO or NTIMIT, and shows that one can significantly decrease the accuracy of a target system even when the adversarial examples are generated with different system potentially using different features.
View on IEEE (opens in a new tab)

Unbounded cache model for online language modeling with open vocabulary

This paper uses a large scale non-parametric memory component that stores all the hidden activations seen in the past and leverages recent advances in approximate nearest neighbor search and quantization algorithms to store millions of representations while searching them efficiently.
View PDF on arXiv (opens in a new tab)

ConvNets and ImageNet Beyond Accuracy: Explanations, Bias Detection, Adversarial Examples and Model Criticism

It is shown that explanations can mitigate the impact of misclassified adversarial examples from the perspective of the end-user and a novel tool for uncovering the undesirable biases learned by a model is introduced.
View PDF on arXiv (opens in a new tab)

ADIOS: Architectures Deep In Output Space

This paper proposes to make use of the underlying structure of binary classification by learning to partition the labels into a Markov Blanket Chain and then applying a novel deep architecture that exploits the partition.
View Paper (opens in a new tab)
By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy (opens in a new tab), Terms of Service (opens in a new tab), and Dataset License (opens in a new tab)