Master's Thesis: "Enhancing the Robustness of Deep Neural Networks Using Radial Basis Functions"

Author: Matthew P. Burruss

Defense Date: May 8th 2020

Enhancing the robustness of deep neural networks using radial basis functions (RBFs). The paper can be found here and a video of the thesis defense can be found here.

Security Threat 1: Black-Box Physical Attack

Replicating the physical attack RBF detection mechanism performed on DeepNNCar

Please see DeepNNCar.ipynb file and follow the ReadMe section.

For videos of DeepNNCar using the RBF to detect the physical attack in real-time, videos can be found here.

For descriptions on the data sets, please see this google drive folder. The deepnncar classification data set was used for this task

Security Threat 2: Poisoning Attack

Replicating the data poisoning attacks and the RBF outlier detection method to clean poisoned data sets.

Please see the DataPoisoning.ipynb file and follow the ReadMe section.

The MNIST data set is loaded in the notebook directly. For a description on the German Traffic Sign Benchmark (GTSB) data set, please see this google drive folder.

Security Threat 3: White-Box Adversarial Attack

Replicating adversarial attack on the InceptionV3 architecture using a portion of the ILSRVC2012 data set

Please see the AdversarialAttack.ipynb file and follow the ReadMe section.

For information on the data set, please see this google drive folder.