10 research outputs found
Adversarially Robust Distillation
Knowledge distillation is effective for producing small, high-performance
neural networks for classification, but these small networks are vulnerable to
adversarial attacks. This paper studies how adversarial robustness transfers
from teacher to student during knowledge distillation. We find that a large
amount of robustness may be inherited by the student even when distilled on
only clean images. Second, we introduce Adversarially Robust Distillation (ARD)
for distilling robustness onto student networks. In addition to producing small
models with high test accuracy like conventional distillation, ARD also passes
the superior robustness of large networks onto the student. In our experiments,
we find that ARD student models decisively outperform adversarially trained
networks of identical architecture in terms of robust accuracy, surpassing
state-of-the-art methods on standard robustness benchmarks. Finally, we adapt
recent fast adversarial training methods to ARD for accelerated robust
distillation.
Comment: Accepted to AAAI Conference on Artificial Intelligence, 202
The effect of scale-free topology on the robustness and evolvability of genetic regulatory networks
We investigate how scale-free (SF) and Erdos-Renyi (ER) topologies affect the
interplay between evolvability and robustness of model gene regulatory networks
with Boolean threshold dynamics. In agreement with Oikonomou and Cluzel (2006)
we find that networks with SFin topologies, that is SF topology for incoming
nodes and ER topology for outgoing nodes, are significantly more evolvable
towards specific oscillatory targets than networks with ER topology for both
incoming and outgoing nodes. Similar results are found for networks with SFboth
and SFout topologies. The functionality of the SFout topology, which most
closely resembles the structure of biological gene networks (Babu et al.,
2004), is compared to the ER topology in further detail through an extension to
multiple target outputs, with either an oscillatory or a non-oscillatory
nature. For multiple oscillatory targets of the same length, the differences
between SFout and ER networks are enhanced, but for non-oscillatory targets
both types of networks show fairly similar evolvability. We find that SF
networks generate oscillations much more easily than ER networks do, and this
may explain why SF networks are more evolvable than ER networks are for
oscillatory phenotypes. In spite of their greater evolvability, we find that
networks with SFout topologies are also more robust to mutations than ER
networks. Furthermore, the SFout topologies are more robust to changes in
initial conditions (environmental robustness). For both topologies, we find
that once a population of networks has reached the target state, further
neutral evolution can lead to an increase in both the mutational robustness and
the environmental robustness to changes in initial conditions.
Comment: 16 pages, 15 figures
Heuristics of node selection criteria to assess robustness of world airport network
The world airport network (WAN) is one of the networked infrastructures that shape today's economic and social activity, so its resilience against incidents affecting the WAN is an important problem. In this paper, the robustness of air route networks is extended by defining and testing several heuristics to define selection criteria to detect the critical nodes of the WAN. In addition to heuristics based on genetic algorithms and simulated annealing, custom heuristics based on node damage and node betweenness are defined. The most effective heuristic is a multi-attack heuristic combining both custom heuristics. Results obtained are of importance not only for advance in the understanding of the structure of complex networks, but also for critical node detection.
Peer Reviewed. Postprint (author's final draft)
Análise topológica sensível ao contexto visando a manutenibilidade da QoS
The issue addressed by the project is to offer a network infrastructure that is adapted to the current traffic profile for the service to be used with the expected quality. In particular, the cases will be considered in which the traffic profile is not supported by the infrastructure, or that it is overloaded. In this case, the choice of new links is very important to adapt the network to the traffic profile. However where the links will be inserted is the challenge addressed in this paper. The bandwidth and the paths average length were analyzed.
IX Workshop en Arquitectura, Redes y Sistemas Operativos. Red de Universidades con Carreras de Informática (RedUNCI)
Assuring the Machine Learning Lifecycle: Desiderata, Methods, and Challenges
Machine learning has evolved into an enabling technology for a wide range of highly successful applications. The potential for this success to continue and accelerate has placed machine learning (ML) at the top of research, economic and political agendas. Such unprecedented interest is fuelled by a vision of ML applicability extending to healthcare, transportation, defence and other domains of great societal importance. Achieving this vision requires the use of ML in safety-critical applications that demand levels of assurance beyond those needed for current ML applications. Our paper provides a comprehensive survey of the state-of-the-art in the assurance of ML, i.e. in the generation of evidence that ML is sufficiently safe for its intended use. The survey covers the methods capable of providing such evidence at different stages of the machine learning lifecycle, i.e. of the complex, iterative process that starts with the collection of the data used to train an ML component for a system, and ends with the deployment of that component within the system. The paper begins with a systematic presentation of the ML lifecycle and its stages. We then define assurance desiderata for each stage, review existing methods that contribute to achieving these desiderata, and identify open challenges that require further research.
Robustness of Large Networks
Electrical Engineering, Mathematics and Computer Science
A critical view of the sensitivity of transit ASs to internal failures
Recent work on hot-potato routing [1] has uncovered that large transit ASs can be sensitive to hot-potato disruptions. Designing a robust network is felt as overly important by transit providers as paths crossed by the traffic have both to be optimal and reliable. However, equipment failures and maintenance make this robustness non-trivial to achieve. To help understand the robustness of large networks to internal failures, [2] proposed metrics aimed at capturing the sensitivity of ASs to internal failures. In this paper, we discuss the strengths and weaknesses of this approach to understand the robustness of the control plane of large networks, having carried this analysis on a large tier-1 ISP and smaller transit ASs. We argue that this sensitivity model is mainly useful for intradomain topology design, not for the design of the whole routing plane of an AS. We claim that additional effort is required to understand the propagation of BGP routes inside large ASs. Complex iBGP structures, in particular route-reflection hierarchies [3], affect route diversity and optimality but in an unclear way.