ROBUSTNESS AND UNCERTAINTY ESTIMATION FOR DEEP NEURAL NETWORKS

Abstract

Deep neural network (DNN) models are vulnerable against adversarial attacks and produced over-confident predictions even for out-of-distribution (OOD) examples. This thesis focuses on improving the robustness against adversarial attacks and predictive uncertainty estimation of the existing DNN-based classification models. We first propose a new generative framework, called RBF-Net. We use the RBF-Net to develop a robust image classification model, called RBF-CNN, to defend against adversarial attacks. We show that our proposed technique mitigate minor perturbations of different perturbation type to improve the robustness against different perturbation types. Next, we propose a novel framework to maximize the representation gap between in-domain and OOD examples to robustly distinguish different predictive uncertainties for a DNN model. Our experimental results demonstrate that our proposed technique consistently improves OOD detection performance.