-
Brain Programming is Immune to Adversarial Attacks: Towards Accurate and Robust Image Classification using Symbolic Learning
Authors:
Gerardo Ibarra-Vazquez,
Gustavo Olague,
Mariana Chan-Ley,
Cesar Puente,
Carlos Soubervielle-Montalvo
Abstract:
In recent years, the security concerns about the vulnerability of Deep Convolutional Neural Networks (DCNN) to Adversarial Attacks (AA) in the form of small modifications to the input image almost invisible to human vision make their predictions untrustworthy. Therefore, it is necessary to provide robustness to adversarial examples in addition to an accurate score when developing a new classifier.…
▽ More
In recent years, the security concerns about the vulnerability of Deep Convolutional Neural Networks (DCNN) to Adversarial Attacks (AA) in the form of small modifications to the input image almost invisible to human vision make their predictions untrustworthy. Therefore, it is necessary to provide robustness to adversarial examples in addition to an accurate score when developing a new classifier. In this work, we perform a comparative study of the effects of AA on the complex problem of art media categorization, which involves a sophisticated analysis of features to classify a fine collection of artworks. We tested a prevailing bag of visual words approach from computer vision, four state-of-the-art DCNN models (AlexNet, VGG, ResNet, ResNet101), and the Brain Programming (BP) algorithm. In this study, we analyze the algorithms' performance using accuracy. Besides, we use the accuracy ratio between adversarial examples and clean images to measure robustness. Moreover, we propose a statistical analysis of each classifier's predictions' confidence to corroborate the results. We confirm that BP predictions' change was below 2\% using adversarial examples computed with the fast gradient sign method. Also, considering the multiple pixel attack, BP obtained four out of seven classes without changes and the rest with a maximum error of 4\% in the predictions. Finally, BP also gets four categories using adversarial patches without changes and for the remaining three classes with a variation of 1\%. Additionally, the statistical analysis showed that the predictions' confidence of BP were not significantly different for each pair of clean and perturbed images in every experiment. These results prove BP's robustness against adversarial examples compared to DCNN and handcrafted features methods, whose performance on the art media classification was compromised with the proposed perturbations.
△ Less
Submitted 1 March, 2021;
originally announced March 2021.
-
Fuzzy Stochastic Timed Petri Nets for Causal properties representation
Authors:
Alejandro Sobrino,
Eduardo C. Garrido-Merchan,
Cristina Puente
Abstract:
Imagery is frequently used to model, represent and communicate knowledge. In particular, graphs are one of the most powerful tools, being able to represent relations between objects. Causal relations are frequently represented by directed graphs, with nodes denoting causes and links denoting causal influence. A causal graph is a skeletal picture, showing causal associations and impact between enti…
▽ More
Imagery is frequently used to model, represent and communicate knowledge. In particular, graphs are one of the most powerful tools, being able to represent relations between objects. Causal relations are frequently represented by directed graphs, with nodes denoting causes and links denoting causal influence. A causal graph is a skeletal picture, showing causal associations and impact between entities. Common methods used for graphically representing causal scenarios are neurons, truth tables, causal Bayesian networks, cognitive maps and Petri Nets. Causality is often defined in terms of precedence (the cause precedes the effect), concurrency (often, an effect is provoked simultaneously by two or more causes), circularity (a cause provokes the effect and the effect reinforces the cause) and imprecision (the presence of the cause favors the effect, but not necessarily causes it). We will show that, even though the traditional graphical models are able to represent separately some of the properties aforementioned, they fail trying to illustrate indistinctly all of them. To approach that gap, we will introduce Fuzzy Stochastic Timed Petri Nets as a graphical tool able to represent time, co-occurrence, looping and imprecision in causal flow.
△ Less
Submitted 24 November, 2020;
originally announced November 2020.
-
A Deep Genetic Programming based Methodology for Art Media Classification Robust to Adversarial Perturbations
Authors:
Gustavo Olague,
Gerardo Ibarra-Vazquez,
Mariana Chan-Ley,
Cesar Puente,
Carlos Soubervielle-Montalvo,
Axel Martinez
Abstract:
Art Media Classification problem is a current research area that has attracted attention due to the complex extraction and analysis of features of high-value art pieces. The perception of the attributes can not be subjective, as humans sometimes follow a biased interpretation of artworks while ensuring automated observation's trustworthiness. Machine Learning has outperformed many areas through it…
▽ More
Art Media Classification problem is a current research area that has attracted attention due to the complex extraction and analysis of features of high-value art pieces. The perception of the attributes can not be subjective, as humans sometimes follow a biased interpretation of artworks while ensuring automated observation's trustworthiness. Machine Learning has outperformed many areas through its learning process of artificial feature extraction from images instead of designing handcrafted feature detectors. However, a major concern related to its reliability has brought attention because, with small perturbations made intentionally in the input image (adversarial attack), its prediction can be completely changed. In this manner, we foresee two ways of approaching the situation: (1) solve the problem of adversarial attacks in current neural networks methodologies, or (2) propose a different approach that can challenge deep learning without the effects of adversarial attacks. The first one has not been solved yet, and adversarial attacks have become even more complex to defend. Therefore, this work presents a Deep Genetic Programming method, called Brain Programming, that competes with deep learning and studies the transferability of adversarial attacks using two artworks databases made by art experts. The results show that the Brain Programming method preserves its performance in comparison with AlexNet, making it robust to these perturbations and competing to the performance of Deep Learning.
△ Less
Submitted 2 October, 2020;
originally announced October 2020.
-
Fake News Detection by means of Uncertainty Weighted Causal Graphs
Authors:
Eduardo C. Garrido-Merchán,
Cristina Puente,
Rafael Palacios
Abstract:
Society is experimenting changes in information consumption, as new information channels such as social networks let people share news that do not necessarily be trust worthy. Sometimes, these sources of information produce fake news deliberately with doubtful purposes and the consumers of that information share it to other users thinking that the information is accurate. This transmission of info…
▽ More
Society is experimenting changes in information consumption, as new information channels such as social networks let people share news that do not necessarily be trust worthy. Sometimes, these sources of information produce fake news deliberately with doubtful purposes and the consumers of that information share it to other users thinking that the information is accurate. This transmission of information represents an issue in our society, as can influence negatively the opinion of people about certain figures, groups or ideas. Hence, it is desirable to design a system that is able to detect and classify information as fake and categorize a source of information as trust worthy or not. Current systems experiment difficulties performing this task, as it is complicated to design an automatic procedure that can classify this information independent on the context. In this work, we propose a mechanism to detect fake news through a classifier based on weighted causal graphs. These graphs are specific hybrid models that are built through causal relations retrieved from texts and consider the uncertainty of causal relations. We take advantage of this representation to use the probability distributions of this graph and built a fake news classifier based on the entropy and KL divergence of learned and new information. We believe that the problem of fake news is accurately tackled by this model due to its hybrid nature between a symbolic and quantitative methodology. We describe the methodology of this classifier and add empirical evidence of the usefulness of our proposed approach in the form of synthetic experiments and a real experiment involving lung cancer.
△ Less
Submitted 2 April, 2020; v1 submitted 3 February, 2020;
originally announced February 2020.
-
Uncertainty Weighted Causal Graphs
Authors:
Eduardo C. Garrido-Merchán,
C. Puente,
A. Sobrino,
J. A. Olivas
Abstract:
Causality has traditionally been a scientific way to generate knowledge by relating causes to effects. From an imaginery point of view, causal graphs are a helpful tool for representing and infering new causal information. In previous works, we have generated automatically causal graphs associated to a given concept by analyzing sets of documents and extracting and representing the found causal in…
▽ More
Causality has traditionally been a scientific way to generate knowledge by relating causes to effects. From an imaginery point of view, causal graphs are a helpful tool for representing and infering new causal information. In previous works, we have generated automatically causal graphs associated to a given concept by analyzing sets of documents and extracting and representing the found causal information in that visual way. The retrieved information shows that causality is frequently imperfect rather than exact, feature gathered by the graph. In this work we will attempt to go a step further modelling the uncertainty in the graph through probabilistic improving the management of the imprecision in the quoted graph.
△ Less
Submitted 6 February, 2020; v1 submitted 2 February, 2020;
originally announced February 2020.
