András Horváth

Name: András Horváth
Affiliation: Pázmány Péter Catholic University

Title of the lecture: The importance of adversarial attacks in deep neural networks
Keywords: adversarial attacks, explainable AI, patch-based attacks, robustness of neural networks
Summary: With the application of deep neural networks becoming mainstream in our everyday lives, questions about robustness and reliability of these networks are also becoming ever more important. Adversarial attacks reveal an important weakness of neural networks. Small perturbations of the input image easily cause misclassifications without changing the perception of a human observer. Among various attack methods, patch-based attacks are the most threatening because they are robust enough for use in real-world applications. These modifications cause an abrupt change on a small area of the input image and can invoke arbitrarily large activations in the network. In this talk I will introduce methods to detect and prevent adversarial attacks and yield safer applications in practice, and also investigate their feasibility from a combinatorial perspective.