Whitening Black-Box Neural Networks
نویسندگان
چکیده
Many deployed learned models are black boxes: given input, returns output. Internal information about the model, such as the architecture, optimisation procedure, or training data, is not disclosed explicitly as it might contain proprietary information or make the system more vulnerable. This work shows that such attributes of neural networks can be exposed from a sequence of queries. This has multiple implications. On the one hand, our work exposes the vulnerability of black-box neural networks to different types of attacks – we show that the revealed internal information helps generate more effective adversarial examples against the black box model. On the other hand, this technique can be used for better protection of private content from automatic recognition models using adversarial examples. Our paper suggests that it is actually hard to draw a line between white box and black box models.
منابع مشابه
Knowledge Extraction from the Neural ‘Black Box’ in Ecological Monitoring
Phytoplankton biomass within the Saginaw Bay ecosystem (Lake Huron, Michigan, USA) was characterized as a function of select physical/chemical indicators. The complexity and variability of ecological systems typically make it difficult to model the influences of anthropogenic stressors and/or natural disturbances. Here, Artificial Neural Networks (ANNs) were developed to model chlorophyll a con...
متن کاملRainfall-runoff modelling using artificial neural networks (ANNs): modelling and understanding
In recent years, artificial neural networks (ANNs) have become one of the most promising tools in order to model complex hydrological processes such as the rainfall-runoff process. In many studies, ANNs have demonstrated superior results compared to alternative methods. ANNs are able to map underlying relationship between input and output data without prior understanding of the process under in...
متن کاملSPIE 7 th International Symposium on Smart Structures and Materials
For nonlinear and adaptive control of smart structures direct and indirect neural network control strategies have been suggested. In indirect neural network control the identified plant models are usually implemented as black-box neural networks using no a priori knowledge. Designing a neural network for system identification using dimensional analysis results in neural networks, where in contr...
متن کاملBlack - Box Modeling with State - Space Neural Networks
Neural network black-box modeling is usually performed using nonlinear input-output models. The goal of this paper is to show that there are advantages in using nonlinear state-space models, which constitute a larger class of nonlinear dynamical models, and their corresponding state-space neural predictors. We recall the fundamentals of both input-output and state-space black-box modeling, and ...
متن کاملBlack-box Modeling with State-space Neural Networks
Neural network black-box modeling is usually performed using nonlinear inputoutput models. The goal of this paper is to show that there are advantages in using nonlinear state-space models, which constitute a larger class of nonlinear dynamical models, and their corresponding state-space neural predictors. We recall the fundamentals of both input-output and state-space black-box modeling, and s...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1711.01768 شماره
صفحات -
تاریخ انتشار 2017