Adversarial examples are commonly assumed to leave the manifold of the underyling data — although this has not been confirmed experimentally so far. This means that deep neural networks perform well on the manifold, however, slight perturbations in directions leaving the manifold may cause mis-classification. In this article, based on my recent CVPR’19 paper, I want to empirically show that adversarial examples indeed leave the manifold. For this purpose, I will present results on a synthetic dataset with known manifold as well as on MNIST with approximated manifold.
Confidence calibration of adversarial training for “generalizable” robustness.
Adversarial examples, imperceptibly perturbed examples causing mis-classification, are commonly assumed to lie off the underlying manifold of the data — the so-called manifold assumption. In this article, following my recent CVPR’19 paper, I demonstrate that adversarial examples can also be found on the data manifold, both on a synthetic dataset as well as on MNIST and Fashion-MNIST.
In early May, I received the Qualcomm Innovation Fellowship 2019 for my ongoing research on adversarial robustness of deep neural networks. After an initial application round, I was invited to the University of Amsterdam’s Science Park for the finalist round. The winners were selected based on a short research talk including questions from Qualcomm researchers.
During my master thesis I partly worked on OctNets, octree-bases convolutional neural networks for efficient learning in 3D. Among others, I implemented convolutional batch normalization for OctNets. This article briefly discusses the implementation, which will be available on GitHub.
Obtaining high-quality visualizations of 3D data such as triangular meshes or occupancy grids, as needed for publications in computer graphics and computer vision, is difficult. In this article, I want to present a GitHub repository containing some utility scripts for paper-ready visualizations of meshes and occupancy grids using Blender and Python.
Disentangling the relationship between adversarial robustness and generalization.
Our CVPR’18 follow-up paper has been accepted at IJCV. In this longer paper we extend our weakly-supervised 3D shape completion approach to obtain high-quality shape predictions, and also present updated, synthetic benchmarks on ShapeNet and ModelNet. The paper is available through Springer Link and ArXiv.