Resisting Adversarial Attacks Using Gaussian Mixture Variational Autoencoders
Authors: Partha Ghosh, Arpan Losalka, Michael J. Black
AAAI 2019, pp. 541-548
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We verify our claims through experimentation on 3 publicly available datasets: MNIST (1998), SVHN (2011) and COIL-100 (1996). |
| Researcher Affiliation | Collaboration | Partha Ghosh¹, Arpan Losalka², Michael J. Black¹ (¹Max Planck Institute for Intelligent Systems, ²IBM Research AI); partha.ghosh@tuebingen.mpg.de, arlosalk@in.ibm.com, black@tuebingen.mpg.de |
| Pseudocode | No | The paper does not contain any structured pseudocode or algorithm blocks. |
| Open Source Code | No | The paper does not provide concrete access to source code for the methodology described, nor does it explicitly state that the code is open-source or available. |
| Open Datasets | Yes | We verify our claims through experimentation on 3 publicly available datasets: MNIST (1998), SVHN (2011) and COIL-100 (1996). |
| Dataset Splits | No | The paper refers to "training" and "test data" and to the "MNIST test dataset", but it does not provide explicit training, validation, or test splits (e.g., percentages or sample counts per split), nor does it reference a standard splitting methodology. |
| Hardware Specification | No | The paper does not provide specific hardware details (e.g., GPU models, CPU types, or memory specifications) used for its experiments; it only vaguely notes that "enough compute power is available". |
| Software Dependencies | No | The paper mentions the use of "Adam (2014) optimizer" and "ReLU nonlinearity" but does not specify any software dependencies with version numbers (e.g., specific programming language versions, libraries, or frameworks). |
| Experiment Setup | Yes | Implementation details. We use an encoder network with convolution, max-pooling and dense layers to parameterize Qφ(z|x), and a decoder network with convolution, upsampling and dense layers to parameterize Pθ(x|z). We choose the dimensionality of the latent space to be the same as the number of classes for MNIST and COIL-100. However, noting that the size of images is larger for SVHN compared to MNIST, and also, because the dataset contains colored images, we choose the dimensionality of the latent space for SVHN as 32 instead of 10. The choice of means also varies slightly for this dataset, as we pad zeros to the one-hot encodings of the class labels to allow for the extra latent dimensions. The standard deviation of the encoder distribution is chosen such that the chance of overlap of the mixture components in the latent space is negligible and the classes are well separated. We use 1/3000 as the variance for the MNIST dataset, and reduce this value as the latent dimensionality increases for the other datasets. We use the ReLU nonlinearity in our network, and sigmoid activation in the final layer so that the output lies in the allowed range [0, 1]. We use the Adam (2014) optimizer for training. |
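
The quoted implementation details map onto a network like the following minimal PyTorch sketch for MNIST (28x28 grayscale, 10 classes). The specific layer widths, kernel sizes, and depths are assumptions for illustration only; the paper names only the layer types (convolution, max-pooling, dense, upsampling), the 10-dimensional latent space with one-hot class means, the fixed encoder variance of 1/3000, the ReLU and sigmoid activations, and the Adam optimizer.

```python
import torch
import torch.nn as nn

LATENT_DIM = 10          # latent dimensionality = number of classes (MNIST)
ENC_VAR = 1.0 / 3000.0   # fixed encoder variance reported for MNIST

class Encoder(nn.Module):
    """Parameterizes Q_phi(z|x) with convolution, max-pooling and dense layers."""
    def __init__(self):
        super().__init__()
        # Layer widths/kernels below are assumptions, not taken from the paper.
        self.net = nn.Sequential(
            nn.Conv2d(1, 32, 3, padding=1), nn.ReLU(), nn.MaxPool2d(2),   # 28 -> 14
            nn.Conv2d(32, 64, 3, padding=1), nn.ReLU(), nn.MaxPool2d(2),  # 14 -> 7
            nn.Flatten(),
            nn.Linear(64 * 7 * 7, 128), nn.ReLU(),
            nn.Linear(128, LATENT_DIM),  # mean of Q_phi(z|x); variance is fixed
        )

    def forward(self, x):
        mu = self.net(x)
        # Reparameterization with the fixed encoder standard deviation.
        z = mu + (ENC_VAR ** 0.5) * torch.randn_like(mu)
        return z, mu

class Decoder(nn.Module):
    """Parameterizes P_theta(x|z) with dense, upsampling and convolution layers."""
    def __init__(self):
        super().__init__()
        self.net = nn.Sequential(
            nn.Linear(LATENT_DIM, 64 * 7 * 7), nn.ReLU(),
            nn.Unflatten(1, (64, 7, 7)),
            nn.Upsample(scale_factor=2), nn.Conv2d(64, 32, 3, padding=1), nn.ReLU(),  # 7 -> 14
            nn.Upsample(scale_factor=2), nn.Conv2d(32, 1, 3, padding=1),              # 14 -> 28
            nn.Sigmoid(),  # output constrained to [0, 1], as described
        )

    def forward(self, z):
        return self.net(z)

# Mixture component means: one-hot encodings of the class labels.
means = torch.eye(LATENT_DIM)

encoder, decoder = Encoder(), Decoder()
optimizer = torch.optim.Adam(list(encoder.parameters()) + list(decoder.parameters()))
```

With a variance of 1/3000, the mixture components centered at the one-hot means are separated by far more than a few standard deviations, which matches the paper's stated goal of making the chance of overlap between components negligible.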