SANE: Towards Improved Prediction Robustness via Stochastically Activated Network Ensembles

Ibrahim Ben Daya, Mohammad Javad Shafiee, Michelle Karg
2019 Computer Vision and Pattern Recognition  
A major challenge to the widespread adoption and deployment of deep neural networks in real-world operational scenarios relates to issues related to robustness and ability to deal with uncertainty when making predictions. One of the most effective strategies for improving robustness and handling uncertainty used in machine learning is the use of probabilistic modelling; however, there has been limited exploration into their use in improving the robustness of deep neural networks. In this study,
more » ... we propose a new framework for improving the prediction robustness of deep neural network models via the notion of stochastically activated network ensembles (SANE), where an ensemble of deep neural networks with heterogeneous architectures are stochastically activated such that a subset of networks in the ensemble that are found to be more reliable for a given input will be responsible for a prediction. The proposed SANE framework takes advantage of a probabilistic graphical model to estimate the reliability of each network in the ensemble in predicting the correct class label for an input image given the beliefs of other networks. In other words, the graphical model enables the detection of networks in the ensemble that are likely to produce reliable predictions and include them in the final prediction process. The proposed SANE framework is evaluated on both non-targeted perturbations (e.g., random perturbations) as well as targeted perturbations (e.g., adversarial perturbations). Experimental results show that the proposed SANE framework can noticeably improve prediction robustness compared to a general ensemble approach, as well as providing further improvements in robustness against targeted perturbations when combined with additional stochastic mechanisms.
dblp:conf/cvpr/DayaSK19 fatcat:5ay6gj5a6jajvhjupc2fsr4mau