EXPLAINING AND HARNESSING ADVERSARIAL EXAMPLES

Abstract: 
Artificial Intelligence, in particular neural networks in computer vision, is becoming an increasingly prevalent part of our society. So much revolves around it, from tagging your friends on Facebook, to security cameras, to self-driving cars. Traditionally, cyber security refers to threats against typical computer programs and websites, and to actual imperfections in their code. However, the mathematical models behind ML algorithms also have inherent flaws. This paper shows how small perturbations in input images, which are undetectable by the human eye, cause a neural network to entirely misclassify an input. The prominent example in this paper is an image of a panda which, when combined with a little bit of noise, yields what appears to us to be almost the same picture of a panda. However, the neural net classifies it instead as a gibbon.
Key words: Artificial Intelligence, Adversary, Cybersecurity
Author: 
Ian J. Goodfellow, Jonathon Shlens & Christian Szegedy
Year: 
2018
Domains-Issue Area: 
Dimensions-Problem/Solution: 
Region(s): 
Country: 
United States
Datatype(s): 
Theory/Definition