Enhancing Robustness of Neural Networks through Fourier Stabilization
Authors: Netanel Raviv, Aidan Kelley, Minzhe Guo, Yevgeniy Vorobeychik
ICML 2021
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We experimentally evaluate the proposed Fourier stabilization approach on several datasets involving detection of malicious inputs, including malware detection and hate speech detection. Our experiments show that our approach considerably improves neural network robustness to evasion in these domains, and effectively composes with adversarial training defense. |
| Researcher Affiliation | Academia | Netanel Raviv¹, Aidan Kelley¹, Michael Guo¹, Yevgeny Vorobeychik¹. ¹Department of Computer Science and Engineering, Washington University in St. Louis, 1 Brookings Dr., St. Louis, MO 63103. |
| Pseudocode | No | The paper describes algorithmic approaches (GMBC, GMB) in Section 4 but does not present them in a structured pseudocode or algorithm block. |
| Open Source Code | Yes | Experiments were run on a research computer cluster with over 2,500 CPUs and 60 GPUs, and the code is available online at https://github.com/AidanKelley/fourier-stabilization. |
| Open Datasets | Yes | The PDFRate dataset (Smutz & Stavrou, 2012) is a PDF malware dataset... The Hidost dataset (Srndic & Laskov, 2016) is a PDF malware dataset... The Hate Speech dataset (Qian et al., 2019), collected from Gab, is comprised of conversation segments... |
| Dataset Splits | No | All datasets were divided into training, validation, and test subsets; the former two were used for training and parameter tuning, while all the results below are using the test data. The paper states that data was divided into these subsets but does not provide specific percentages or counts for reproducibility. |
| Hardware Specification | No | Experiments were run on a research computer cluster with over 2,500 CPUs and 60 GPUs. This provides the quantity of hardware but not specific models or detailed specifications for reproducibility. |
| Software Dependencies | No | The paper does not specify any software dependencies with version numbers. |
| Experiment Setup | Yes | For each dataset, we learned a two-layer sigmoidal fully connected neural network as a baseline. |