DeepFool: a simple and accurate method to fool deep neural networks

State-of-the-art deep neural networks have achieved impressive results on many image classification tasks. However, these same architectures have been shown to be unstable to small, well sought, perturbations of the images. Despite the importance of this phenomenon, no effective methods have been proposed to accurately compute the robustness of state-of-the-art deep classifiers to such perturbations on large-scale datasets. In this paper, we fill this gap and propose the DeepFool algorithm to efficiently compute perturbations that fool deep networks, and thus reliably quantify the robustness of these classifiers. Extensive experimental results show that our approach outperforms recent methods in the task of computing adversarial perturbations and making classifiers more robust.


Published in:
Proceedings of 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR)
Presented at:
IEEE Conference on Computer Vision and Pattern Recognition, Las Vegas, Nevada, USA, 2016
Year:
2016
Keywords:
Laboratories:




 Record created 2016-04-15, last modified 2018-03-17

n/a:
Download fulltext
PDF

Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)