Skip to main content

Research Repository

Advanced Search

Evaluating the Robustness of Deep-Learning Algorithm-Selection Models by Evolving Adversarial Instances

Hart, Emma; Sim, Kevin; Renau, Quentin

Authors



Abstract

Deep neural networks (DNN) are increasingly being used to perform algorithm-selection in combinatorial optimisation domains, particularly as they accommodate input representations which avoid designing and calculating features. Mounting evidence from domains that use images as input shows that deep convolutional networks are vulnerable to adversarial samples, in which a small perturbation of an instance can cause the DNN to misclassify. However, it remains unknown as to whether deep recurrent networks (DRN) which have recently been shown promise as algorithm-selectors in the bin-packing domain are equally vulnerable. We use an evolutionary algorithm (EA) to find perturbations of instances from two existing benchmarks for online bin packing that cause trained DRNs to misclassify: adversarial samples are successfully generated from up to 56% of the original instances depending on the dataset. Analysis of the new misclassified instances sheds light on the 'fragility' of some training instances, i.e. instances where it is trivial to find a small perturbation that results in a misclassification and the factors that influence this. Finally, the method generates a large number of new instances misclassified with a wide variation in confidence, providing a rich new source of training data to create more robust models.

Citation

Hart, E., Sim, K., & Renau, Q. (2024, September). Evaluating the Robustness of Deep-Learning Algorithm-Selection Models by Evolving Adversarial Instances. Presented at 18th International Conference on Parallel Problem Solving From Nature PPSN 2024, Hagenburg, Austria

Presentation Conference Type Conference Paper (published)
Conference Name 18th International Conference on Parallel Problem Solving From Nature PPSN 2024
Start Date Sep 14, 2024
End Date Sep 18, 2024
Acceptance Date May 31, 2024
Deposit Date Jun 4, 2024
Publisher Springer
Peer Reviewed Peer Reviewed
Series Title Lecture Notes in Computer Science

This file is under embargo due to copyright reasons.

Contact repository@napier.ac.uk to request a copy for personal use.







You might also like



Downloadable Citations