A Rotation and a Translation Suffice: Fooling CNNs with Simple Transformations on ShortScience.org

arxiv.org
arxiv-vanity.com
scholar.google.com

A Rotation and a Translation Suffice: Fooling CNNs with Simple Transformations
Logan Engstrom and Brandon Tran and Dimitris Tsipras and Ludwig Schmidt and Aleksander Madry
arXiv e-Print archive - 2017 via Local arXiv
Keywords: cs.LG, cs.CV, cs.NE, stat.ML
more

Summaries/Notes 1

[link] Summary by David Stutz 6 years ago

Engstrom et al. demonstrate that spatial transformations such as translations and rotations can be used to generate adversarial examples. Personally, however, I think that the paper does not address the question where adversarial perturbations “end” and generalization issues “start”. For larger translations and rotations, the problem is clearly a problem of generalization. Small ones could also be interpreted as adversarial perturbations – especially when they are computed under the intention to fool the network. Still, the distinction is not clear ...

Also find this summary at [davidstutz.de](https://davidstutz.de/category/reading/).

Your comment: