Random Filter-Switching-based Defense Against Decision-based Adversarial Attacks on Machine Learning / (Record no. 609186)
| 000 -LEADER | |
|---|---|
| fixed length control field | 01972nam a22001577a 4500 |
| 082 ## - DEWEY DECIMAL CLASSIFICATION NUMBER | |
| Classification number | 629.8 |
| 100 ## - MAIN ENTRY--PERSONAL NAME | |
| Personal name | Khalid, Rashad |
| 245 ## - TITLE STATEMENT | |
| Title | Random Filter-Switching-based Defense Against Decision-based Adversarial Attacks on Machine Learning / |
| Statement of responsibility, etc. | Rashad Khalid |
| 264 ## - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE | |
| Place of production, publication, distribution, manufacture | Islamabad : |
| Name of producer, publisher, distributor, manufacturer | SMME-NUST; |
| Date of production, publication, distribution, manufacture, or copyright notice | 2022. |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | 69p. |
| Other physical details | Soft Copy |
| Dimensions | 30cm |
| 500 ## - GENERAL NOTE | |
| General note | In the AI and machine learning research field, adversarial machine learning (AML), a technique that tries to deceive models using erroneous data, is becoming a major concern. By exploiting the inherent vulnerability of ML models' reliance on their data, AML can be used to generate adversarial attacks. Research has shown that a small perturbation in an input image can produce disastrous results for an autonomous car system, e.g. misclassifying a stop sign as a speed-limit sign near a school. To counter these adversarial attacks, several defense mechanisms have been proposed. Some of the most prominent defenses are adversarial training, pre-processing-based defenses and Generative Adversarial Network-based defenses. However, most of these defenses are either computationally expensive or become ineffective under the white-box threat model or against decision-based attacks (adversarial attacks that exploit only the final decision of the model under black-box settings). Therefore, there is a dire need to develop efficient defense mechanisms that can effectively counter the attacks while maintaining the classification accuracy. In this thesis, we propose to develop a computationally efficient and effective defense mechanism that counters score-based and decision-based adversarial attacks under black-box settings while maintaining the classification accuracy on clean images. |
| 650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | MS Robotics and Intelligent Machine Engineering |
| 700 ## - ADDED ENTRY--PERSONAL NAME | |
| Personal name | Supervisor: Dr. Muhammad Jawad Khan |
| 856 ## - ELECTRONIC LOCATION AND ACCESS | |
| Uniform Resource Identifier | http://10.250.8.41:8080/xmlui/handle/123456789/30556 |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) | |
| Source of classification or shelving scheme | |
| Koha item type | Thesis |

| Withdrawn status | Permanent Location | Current Location | Shelving location | Date acquired | Full call number | Barcode | Koha item type |
|---|---|---|---|---|---|---|---|
| | School of Mechanical & Manufacturing Engineering (SMME) | School of Mechanical & Manufacturing Engineering (SMME) | E-Books | 05/20/2024 | 629.8 | SMME-TH-713 | Thesis |
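
The general note above describes decision-based attacks, which work from the model's final label alone, and motivates a pre-processing defense that switches filters at random. The Python script below is an added example, not code from the thesis or from SMME-NUST. It assumes a toy linear classifier in place of an image model, an assumed filter bank of three smoothing filters (median, mean, mean applied twice) because the record does not list the thesis's own filters, and the boundary-locating bisection step shared by decision-based attacks such as the Boundary Attack of Brendel et al. (2018). It shows that the attacker's label-only search converges against the undefended model and against any single fixed filter, while drawing a fresh filter on every query turns the label the attacker observes near the boundary into a coin flip, so the adversarial example found against the undefended model succeeds only about a third of the time against the switching defense.

```python
import random
import statistics

DIM = 16
# Constructed toy classifier (an assumption standing in for the image model the
# thesis targets): a linear model whose weights follow a period-4 pattern, so it
# fires on a matching high-frequency texture and ignores smooth content.
PATTERN = [1.0, 1.0, -1.0, -1.0] * (DIM // 4)
WEIGHTS = PATTERN
BIAS = -1.0


def raw_classify(x):
    """Undefended decision oracle: the attacker sees only the hard label."""
    score = sum(w * v for w, v in zip(WEIGHTS, x)) + BIAS
    return 1 if score > 0 else 0


def _window(x, i, radius):
    # Circular neighbourhood; wrap-around padding keeps the toy arithmetic exact.
    n = len(x)
    return [x[(i + k) % n] for k in range(-radius, radius + 1)]


def mean_filter(x, radius=1, passes=1):
    for _ in range(passes):
        x = [sum(_window(x, i, radius)) / (2 * radius + 1) for i in range(len(x))]
    return x


def median_filter(x, radius=1):
    return [statistics.median(_window(x, i, radius)) for i in range(len(x))]


# Assumed filter bank (the record does not list the thesis's filters): each one
# attenuates the attacker's texture by a different factor (1, 1/3, 1/9 here), so
# each places the decision boundary at a different point on the search line.
FILTERS = {
    "median3": lambda x: median_filter(x, 1),
    "mean3": lambda x: mean_filter(x, 1, passes=1),
    "mean3x2": lambda x: mean_filter(x, 1, passes=2),
}


def filtered_classify(name):
    """Deterministic pre-processing defense: the same filter on every query."""
    return lambda x: raw_classify(FILTERS[name](x))


def switching_classify(rng):
    """Random filter switching: a fresh filter is drawn for every query, so the
    label seen for an input between two filters' boundaries is random."""
    return lambda x: raw_classify(rng.choice(list(FILTERS.values()))(x))


def interpolate(x, x_adv, t):
    return [(1 - t) * a + t * b for a, b in zip(x, x_adv)]


def boundary_search(oracle, x, x_adv, steps=20):
    """Binary search along the line from the clean input (label 0) to a known
    adversarial input (label 1): the boundary-finding step of decision-based
    attacks, using nothing but the label oracle. Returns the smallest scale t
    at which the oracle last answered 'adversarial'."""
    lo, hi = 0.0, 1.0
    for _ in range(steps):
        mid = (lo + hi) / 2
        if oracle(interpolate(x, x_adv, mid)) == 1:
            hi = mid
        else:
            lo = mid
    return hi


def adversarial_rate(oracle, x, queries=300):
    """Fraction of repeated queries on the same input that come back adversarial."""
    return sum(oracle(x) for _ in range(queries)) / queries


# Constructed inputs: a flat "image" (label 0) and a starting point carrying the
# classifier's preferred texture at full amplitude (label 1 under the raw model).
CLEAN = [0.5] * DIM
ADV_START = [c + p for c, p in zip(CLEAN, PATTERN)]


def run_attacks(seed=7):
    """Boundary position t found against each oracle, plus how often the
    resulting adversarial examples still fool the switching defense."""
    results = {"undefended": boundary_search(raw_classify, CLEAN, ADV_START)}
    for name in FILTERS:
        results[name] = boundary_search(filtered_classify(name), CLEAN, ADV_START)
    defended = switching_classify(random.Random(seed))
    results["switching"] = boundary_search(defended, CLEAN, ADV_START)
    x_undef = interpolate(CLEAN, ADV_START, results["undefended"])
    results["undefended_point_vs_switching"] = adversarial_rate(defended, x_undef)
    x_sw = interpolate(CLEAN, ADV_START, results["switching"])
    results["switching_point_vs_switching"] = adversarial_rate(defended, x_sw)
    return results


if __name__ == "__main__":
    for key, value in run_attacks().items():
        print(f"{key:32s} {value:.4f}")
```

Two caveats the numbers make visible. The switching oracle never lets the attacker settle below the weakest filter's boundary (t = 1/16 for the median filter, which does not touch this texture at all), but it also never moves the boundary beyond it: an attacker who repeats each query and takes a majority vote recovers a deterministic oracle at the price of more queries, so the defense raises query cost and adds uncertainty rather than removing the boundary. The choice of filters therefore matters as much as the switching; a bank in which every member attenuates the perturbation pushes the attacker's search further out, while one weak member sets the floor.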
