The increasing accuracy of the machine learning systems is quite impressive. It has naturally led to a veritable flood of applications using them including self-driving vehicles, face recognition, cancer diagnosis and even in next-gen shops. A few years ago, getting wrong predictions from a machine learning model used to be the norm. Nowadays, this has become the exception, and we’ve come to expect them to perform flawlessly, especially when they are deployed in real-world applications.

1. ADVERSARIAL
ROBUSTNESS USING
CLEVER HANS

2. What is Adversarial?
❖ Adversarial AI is the malicious development.
❖ Adversarial examples are a stark reminders of how different
artificial intelligence and the human mind are.
❖ Adversarial search is a game-playing technique where the
agents are surrounded by a competitive environment.
❖ An adversarial attack is one in which inputs to a deep
learning neural network ultimately result in unexpected
outputs.
2

3. What is Robustness?
❖ Robustness is the ability of a computer system to cope with
errors during execution and cope with erroneous input.
❖ Robustness can encompass many areas of computer science.
❖ The robustness is the property that characterizes how effective
your algorithm is.
❖ The robust algorithm is the one, the testing error of which is
close to the training error.
3

4. Introduction to Adversarial
Robustness
❖ Adversarial robustness measures a network's resilience against
adversarial inputs.
❖ Adversarial inputs that are produced by taking inputs that are
correctly classified by the DNN.
❖ It is defined as the accuracy of well-trained models on the
adversarial countermeasures of test data generated in white-box
settings.
4

5. Adversarial Attacks
5
❖ Adversarial examples are inputs to machine learning models
designed to intentionally fool them.
❖ The main worrying attributes of adversarial attacks are:
-Imperceptibility
-Targeted Manipulation
-Transferability
-Lack of theoretical model

6. “
Can we really trust the
decisions made by AI or
ML models?
To find that out we can do
research using Adversarial
Robustness.
6

7. EXAMPLE
7

8. Introduction to Clever Hans
8
❖ A Python library to benchmark machine learning systems'
vulnerability to Adversarial Examples.
❖ This library uses Jax, PyTorch or TensorFlow 2 to accelerate graph
computations performed by many machine learning models.
❖ Once dependencies have been taken care of, you can install
CleverHans using pip or by cloning the official Github repository.

9. -> pip installation:
pip install cleverhans
-> Clone the repository : Link
-> Installation for Development:
cd cleverhans
pip install -e
9
INSTALLATION PROCESS

10. “
Adversarial Machine Learning and Using
CleverHans to make your ML models
Robust.
10

11. ATTACKS
contains the
implementations of
adversarial example
crafting algorithms
CORE FUNCTIONALITIES
Utils_tf
contains helper functions
to train and evaluate
models using TensorFlow.
11

12. FAST GRADIENT SIGN
METHOD
12

13. FAST GRADIENT SIGN METHOD
13

14. THANK YOU
⬢ SHRUTI MISHRA - 2GI18CS144
⬢ SONAL DESHMUKH - 2GI18CS156
14