Fragile Intelligence: A Master's Thesis - on Robustness of Adversarial Attacks and Its Defences in Computer Vision

Unlock the Secrets of Robust Machine Learning Models: Exploring Adversarial Attacks

In the realm of computer vision, the vulnerability of algorithms to adversarial attacks poses a significant challenge. Even the slightest perturbations to input data can lead to erroneous classifications by otherwise accurate machine learning models. In this groundbreaking work, Mohit Burkule delves into the intricacies of machine learning model robustness and their defenses against various adversarial attacks across multiple datasets.

Drawing upon extensive research and experimentation, this master's thesis explores the resilience of Convolutional Neural Networks (CNNs) against adversarial attacks such as the Fast Gradient Method, Projected Gradient Descent, and Basic Iterative Method. Through rigorous testing on benchmark datasets including MINST and Cifar 10, Mohit Burkule investigates the effectiveness of these attacks under different norm perturbations (l1, l2, and l infinity).

The methodology employed encompasses the training of CNNs using batch gradient descent with categorical cross-entropy objectives, followed by the generation of adversarial samples and evaluation of model performance against them. Additionally, the study examines the retraining of models on adversarial samples to assess their robustness against previously encountered attacks.

Comprehensive and insightful, this thesis is structured into three main components: a theoretical foundation on Adversarial Attacks, a detailed methodology section, and a presentation of empirical results. By shedding light on the dynamics of adversarial attacks and their impact on machine learning models, this research paves the way for future endeavors aimed at enhancing the robustness of AI systems.