On the Connection Between Adversarial Robustness and Saliency Map Interpretability
Authors: Christian Etmann, Sebastian Lunz, Peter Maass, Carola Schoenlieb
ICML 2019 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We confirm these theoretical findings with experiments based on models trained with a local Lipschitz regularization and identify where the non-linear nature of neural networks weakens the relation. |
| Researcher Affiliation | Academia | 1Center for Industrial Mathematics, University of Bremen, Bremen, Germany 2Work done at DAMTP, Cambridge. 3DAMTP, University of Cambridge, Cambridge, United Kingdom. |
| Pseudocode | No | The paper describes theoretical derivations and experimental procedures in text and mathematical formulas, but does not include any structured pseudocode or algorithm blocks. |
| Open Source Code | No | The paper does not provide a direct link or explicit statement about the availability of the source code for the methodology described. |
| Open Datasets | Yes | In order to validate our hypothesis, we trained several models of different adversarial robustness on both MNIST (Le Cun et al., 1990) and Image Net (Deng et al., 2009) using double backpropagation (Drucker & Le Cun, 1992). |
| Dataset Splits | Yes | For the MNIST experiments, we trained each of our 16 models on an NVIDIA 1080Ti GPU with a batch size of 100 for 200 epochs... For the experiments on Image Net, we fine-tuned the pretrained Res Net50 model... over 35 epochs... For checking the relation between the alignment and robustness of a neural network, we created 1000 adversarial examples per model on the respective validation set. |
| Hardware Specification | Yes | For the MNIST experiments, we trained each of our 16 models on an NVIDIA 1080Ti GPU... For the experiments on Image Net, we fine-tuned the pretrained Res Net50 model... on 2 NVIDIA P100 GPUs... We gratefully acknowledge the support of NVIDIA Corporation with the donation of a Quadro P6000 and a Titan Xp GPUs used for this research. |
| Software Dependencies | No | The experiments were implemented in Tensorflow (Abadi et al., 2015). We used the python library Foolbox (Rauber et al., 2017)... The paper mentions the software used (TensorFlow, Foolbox) but does not provide specific version numbers for these dependencies. |
| Experiment Setup | Yes | For the MNIST experiments, we trained each of our 16 models on an NVIDIA 1080Ti GPU with a batch size of 100 for 200 epochs, covering the regularization hyperparameter range from 10 to 180,000... For the experiments on Image Net... over 35 epochs on 2 NVIDIA P100 GPUs with a total batch size of 32. We used stochastic gradient descent with a learning rate of 0.0001 and momentum of 0.99. The learning rate was divided by 10 whenever the error stopped improving. For the regularization parameter, we chose λ = 104, 104.5, . . . , 107. |