Robustness Guarantees for Deep Neural Networks on Videos
Min Wu, Marta Kwiatkowska
TL;DR
This paper develops a framework to quantify and improve the robustness of deep neural networks on videos by approximating the maximum safe radius through a game-theoretic approach, with provable guarantees and practical evaluation.
Contribution
It introduces a novel method combining Lipschitz continuity, finite optimisation, and game theory to assess and enhance video model robustness with theoretical guarantees.
Findings
Framework provides provable robustness bounds.
Effective in identifying adversarial vulnerabilities.
Demonstrated on UCF101 dataset with promising results.
Abstract
The widespread adoption of deep learning models places demands on their robustness. In this paper, we consider the robustness of deep neural networks on videos, which comprise both the spatial features of individual frames extracted by a convolutional neural network and the temporal dynamics between adjacent frames captured by a recurrent neural network. To measure robustness, we study the maximum safe radius problem, which computes the minimum distance from the optical flow sequence obtained from a given input to that of an adversarial example in the neighbourhood of the input. We demonstrate that, under the assumption of Lipschitz continuity, the problem can be approximated using finite optimisation via discretising the optical flow space, and the approximation has provable guarantees. We then show that the finite optimisation problem can be solved by utilising a two-player turn-based…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
Robustness Guarantees for Deep Neural Networks on Videos· youtube
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications · Advanced Neural Network Applications