A new measure for overfitting and its implications for backdooring of deep learning

Add code
Jun 18, 2020
Kathrin Grosse, Taesung Lee, Youngja Park, Michael Backes, Ian Molloy
Figure 1 for A new measure for overfitting and its implications for backdooring of deep learning
Figure 2 for A new measure for overfitting and its implications for backdooring of deep learning
Figure 3 for A new measure for overfitting and its implications for backdooring of deep learning
Figure 4 for A new measure for overfitting and its implications for backdooring of deep learning

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Overfitting describes the phenomenon that a machine learning model fits the given data instead of learning the underlying distribution. Existing approaches are computationally expensive, require large amounts of labeled data, consider overfitting global phenomenon, and often compute a single measurement. Instead, we propose a local measurement around a small number of unlabeled test points to obtain features of overfitting. Our extensive evaluation shows that the measure can reflect the model's different fit of training and test data, identify changes of the fit during training, and even suggest different fit among classes. We further apply our method to verify if backdoors rely on overfitting, a common claim in security of deep learning. Instead, we find that backdoors rely on underfitting. Our findings also provide evidence that even unbackdoored neural networks contain patterns similar to backdoors that are reliably classified as one class.

* 11 pages, 10 figures, under submission, (updated contact information)  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon