Adversarial-Machine-Learnin.../wiki/DesignImpact.md
2024-05-01 01:26:25 -04:00

Engineering Design Principles

  1. Clearly defined problem
    • Assess the efficacy of various denoising filters in preserving the accuracy of image classifier models under a noise-based attack.
  2. Requirements
    • The defense must be a purely algorithmic approach (no trained model)
    • Must run faster than an auto-encoder-based defense
  3. Constraints
    • Computing power
    • Memory usage
    • Impossible to know in advance by whom and how a model will be attacked
  4. Engineering standards
  5. Cite applicable references
  6. Considered alternatives
    a) Iterate on the design
      i) Advantages
        • Potentially more computationally efficient than an ML approach
        • Will likely use less memory than a model used to clean inputs
        • No training stage (training is very computationally intensive)
      ii) Disadvantages
        • Potentially less effective than an ML approach
      iii) Risks
        • A conventional algorithm may be more vulnerable to reverse engineering
  7. Evaluation process
    • Cross validation
    • Effectiveness will be measured as the percent of correct classifications
    • Testing clean vs. filtered training data
    • Ablation variables:
      • Different models
      • Different datasets
      • Different filters
  8. Deliverables and timeline
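The evaluation process above (cross validation, accuracy measured as percent of correct classifications, clean vs. filtered training data, and an ablation over models, datasets and filters) can be driven by a small harness. The following is an added illustration written for this page, not code from the project: the toy bright/dark image dataset, the two "models" (a nearest-centroid classifier and a deliberately fragile single-pixel decision stump), the salt-and-pepper corruption that stands in for the noise-based attack, and the 3x3 median and mean filters are all constructed assumptions chosen so the script runs offline.

```python
"""Added evaluation harness: k-fold cross-validation of denoising filters as a
defense for image classifiers under a noise-based perturbation.  Everything is
constructed for illustration: the toy bright/dark dataset, the two "models"
(nearest centroid and a single-pixel stump), the salt-and-pepper corruption
that stands in for the attack, and the 3x3 filters."""
import random
import statistics

SIZE = 8  # constructed images are SIZE x SIZE greyscale, pixels in [0.0, 1.0]


def make_dataset(n_per_class, seed=0):
    """Constructed dataset: class 0 = mostly bright image, class 1 = mostly dark."""
    rng = random.Random(seed)
    data = []
    for label in (0, 1):
        base = 1.0 if label == 0 else 0.0
        for _ in range(n_per_class):
            img = [[min(1.0, max(0.0, base + rng.gauss(0, 0.1))) for _ in range(SIZE)]
                   for _ in range(SIZE)]
            data.append((img, label))
    rng.shuffle(data)
    return data


def salt_and_pepper(img, fraction, rng):
    """Stand-in for the noise-based attack: each pixel is replaced by 0 or 1
    with probability `fraction`."""
    return [[rng.choice((0.0, 1.0)) if rng.random() < fraction else p for p in row]
            for row in img]


def window_filter(img, reduce_fn):
    """3x3 neighbourhood filter; border pixels use whatever neighbours exist."""
    return [[reduce_fn([img[rr][cc]
                        for rr in range(max(0, r - 1), min(SIZE, r + 2))
                        for cc in range(max(0, c - 1), min(SIZE, c + 2))])
             for c in range(SIZE)] for r in range(SIZE)]


FILTERS = {
    "none": lambda img: img,
    "median3x3": lambda img: window_filter(img, statistics.median),
    "mean3x3": lambda img: window_filter(img, lambda xs: sum(xs) / len(xs)),
}


def flat(img):
    return [p for row in img for p in row]


def centroids(samples):
    """Per-class mean image (shared by both toy models)."""
    out = {}
    for label in (0, 1):
        vecs = [flat(img) for img, lab in samples if lab == label]
        out[label] = [sum(col) / len(vecs) for col in zip(*vecs)]
    return out


def train_centroid(samples):
    """Model 1: nearest centroid over all pixels (averaging dampens noise)."""
    c = centroids(samples)
    return lambda img: min(c, key=lambda lab: sum((a - b) ** 2 for a, b in zip(c[lab], flat(img))))


def train_stump(samples):
    """Model 2: decision stump on the single most discriminative interior pixel,
    a deliberately non-robust model that depends on one feature."""
    c = centroids(samples)
    interior = [r * SIZE + col for r in range(1, SIZE - 1) for col in range(1, SIZE - 1)]
    i = max(interior, key=lambda k: abs(c[0][k] - c[1][k]))
    thresh = (c[0][i] + c[1][i]) / 2
    bright_is_0 = c[0][i] > c[1][i]
    return lambda img: 0 if (flat(img)[i] > thresh) == bright_is_0 else 1


MODELS = {"centroid": train_centroid, "stump": train_stump}


def evaluate(data, model_name, filter_name, noise_fraction, train_filtered, folds=4, seed=1):
    """k-fold CV: fit on clean (or filtered) training folds, then score on noisy
    test inputs passed through the filter.  Returns mean accuracy in percent."""
    rng = random.Random(seed)
    filt = FILTERS[filter_name]
    scores = []
    for k in range(folds):
        test = [s for i, s in enumerate(data) if i % folds == k]
        train = [s for i, s in enumerate(data) if i % folds != k]
        if train_filtered:
            train = [(filt(img), lab) for img, lab in train]
        predict = MODELS[model_name](train)
        correct = sum(predict(filt(salt_and_pepper(img, noise_fraction, rng))) == lab
                      for img, lab in test)
        scores.append(100.0 * correct / len(test))
    return sum(scores) / len(scores)


def ablation(noise_fraction=0.3, n_per_class=80):
    """Run the model x filter x training-data grid; returns {(model, filter, train_filtered): accuracy}."""
    data = make_dataset(n_per_class)
    return {(m, f, tf): evaluate(data, m, f, noise_fraction, tf)
            for m in MODELS for f in FILTERS for tf in (False, True)}


if __name__ == "__main__":
    for (m, f, tf), acc in ablation().items():
        print(f"model={m:9s} filter={f:10s} train_filtered={tf!s:5s} accuracy={acc:5.1f}%")
```

Running the script prints one accuracy per grid cell. The nearest-centroid model averages over all pixels and is barely affected by 30% salt-and-pepper corruption, whereas the single-pixel stump loses roughly one sample in seven without a filter and recovers most of that once the 3x3 median filter is applied; swapping in a real model, dataset and filter set keeps the same loop structure, which is the point of the ablation design.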