CKR-Calibrator: Convolution Kernel Robustness Evaluation and Calibration | SpringerLink
Skip to main content
Springer Nature Link
Log in

CKR-Calibrator: Convolution Kernel Robustness Evaluation and Calibration

  • Conference paper
  • First Online:
Neural Information Processing (ICONIP 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14451))

Included in the following conference series:

  • 1048 Accesses

Abstract

Recently, Convolution Neural Networks (CNN) have achieved excellent performance in some areas of computer vision, including face recognition, character recognition, and autonomous driving. However, there are still many CNN-based models that cannot be deployed in real-world scenarios due to poor robustness. In this paper, focusing on the classification task, we attempt to evaluate and optimize the robustness of CNN-based models from a new perspective: the convolution kernel. Inspired by the discovery that the root cause of the model decision error lies in the wrong response of the convolution kernel, we propose a convolution kernel robustness evaluation metric based on the distribution of convolution kernel responses. Then, we devise the Convolution Kernel Robustness Calibrator, termed as CKR-Calibrator, to optimize key but not robust convolution kernels. Extensive experiments demonstrate that CKR-Calibrator improves the accuracy of existing CNN classifiers by 1%–4% in clean datasets and 1%–5% in corrupt datasets, and improves the accuracy by about 2% over SOTA methods. The evaluation and calibration source code is open-sourced at https://github.com/cym-heu/CKR-Calibrator.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 10295
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 12869
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Bach, S., Binder, A., Montavon, G., Klauschen, F., Müller, K.R., Samek, W.: On pixel-wise explanations for non-linear classifier decisions by layer-wise relevance propagation. PLoS ONE 10(7), e0130140 (2015)

    Article  Google Scholar 

  2. Chattopadhay, A., Sarkar, A., Howlader, P., Balasubramanian, V.N.: Grad-cam++: generalized gradient-based visual explanations for deep convolutional networks. In: 2018 IEEE Winter Conference on Applications of Computer Vision (WACV), pp. 839–847. IEEE (2018)

    Google Scholar 

  3. DeVries, T., Taylor, G.W.: Improved regularization of convolutional neural networks with cutout. arXiv (2017)

    Google Scholar 

  4. Ding, G.W., Sharma, Y., Lui, K.Y.C., Huang, R.: Mma training: direct input space margin maximization through adversarial training. arXiv (2018)

    Google Scholar 

  5. Feng, Z., Hu, J., Wu, S., Yu, X., Song, J., Song, M.: Model doctor: a simple gradient aggregation strategy for diagnosing and treating CNN classifiers. In: AAAI, vol. 36, pp. 616–624 (2022)

    Google Scholar 

  6. Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. arXiv (2014)

    Google Scholar 

  7. He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 770–778 (2016)

    Google Scholar 

  8. Hendrycks, D., Dietterich, T.: Benchmarking neural network robustness to common corruptions and perturbations. arXiv preprint arXiv:1903.12261 (2019)

  9. Hendrycks, D., Mu, N., Cubuk, E.D., Zoph, B., Gilmer, J., Lakshminarayanan, B.: Augmix: a simple data processing method to improve robustness and uncertainty. arXiv (2019)

    Google Scholar 

  10. Howard, A.G., et al.: Mobilenets: efficient convolutional neural networks for mobile vision applications. arXiv (2017)

    Google Scholar 

  11. Hu, J., et al.: CNN LEGO: disassembling and assembling convolutional neural network. arXiv (2022)

    Google Scholar 

  12. Huang, G., Liu, Z., Laurens, V.D.M., Weinberger, K.Q.: Densely connected convolutional networks. IEEE Computer Society (2016)

    Google Scholar 

  13. Huang, Y., Chen, Y.: Autonomous driving with deep learning: a survey of state-of-art technologies. arXiv (2020)

    Google Scholar 

  14. Iandola, F.N., Han, S., Moskewicz, M.W., Ashraf, K., Dally, W.J., Keutzer, K.: Squeezenet: alexnet-level accuracy with 50\(\times \) fewer parameters and< 0.5 mb model size. arXiv preprint arXiv:1602.07360 (2016)

  15. Krizhevsky, A., Hinton, G., et al.: Learning multiple layers of features from tiny images (2009)

    Google Scholar 

  16. Krizhevsky, A., Sutskever, I., Hinton, G.: Imagenet classification with deep convolutional neural networks. In: NeurIPS, vol. 25, no. 2 (2012)

    Google Scholar 

  17. Lapuschkin, S., Wäldchen, S., Binder, A., Montavon, G., Samek, W., Müller, K.R.: Unmasking clever hans predictors and assessing what machines really learn. Nat. Commun. 10(1), 1096 (2019)

    Article  Google Scholar 

  18. Le, Y., Yang, X.: Tiny imagenet visual recognition challenge. CS 231N 7(7), 3 (2015)

    Google Scholar 

  19. LeCun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436–444 (2015)

    Article  Google Scholar 

  20. LeCun, Y., Bottou, L., Bengio, Y., Haffner, P.: Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278–2324 (1998)

    Article  Google Scholar 

  21. Lengerich, B.J., Konam, S., Xing, E.P., Rosenthal, S., Veloso, M.: Towards visual explanations for convolutional neural networks via input resampling. arXiv (2017)

    Google Scholar 

  22. Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks. arXiv (2017)

    Google Scholar 

  23. Miotto, R., Wang, F., Wang, S., Jiang, X., Dudley, J.T.: Deep learning for healthcare: review, opportunities and challenges. Brief. Bioinform. 19(6), 1236–1246 (2018)

    Article  Google Scholar 

  24. Mu, N., Gilmer, J.: Mnist-c: a robustness benchmark for computer vision (2019)

    Google Scholar 

  25. Omeiza, D., Speakman, S., Cintas, C., Weldermariam, K.: Smooth grad-cam++: an enhanced inference level visualization technique for deep convolutional neural network models. arXiv (2019)

    Google Scholar 

  26. Schroff, F., Kalenichenko, D., Philbin, J.: Facenet: a unified embedding for face recognition and clustering. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 815–823 (2015)

    Google Scholar 

  27. Simonyan, K., Vedaldi, A., Zisserman, A.: Deep inside convolutional networks: visualising image classification models and saliency maps. arXiv (2013)

    Google Scholar 

  28. Simonyan, K., Zisserman, A.: Very deep convolutional networks for large-scale image recognition. arXiv (2014)

    Google Scholar 

  29. Szegedy, C., et al.: Going deeper with convolutions. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 1–9 (2015)

    Google Scholar 

  30. Szegedy, C., et al.: Intriguing properties of neural networks. arXiv (2013)

    Google Scholar 

  31. Wang, H., et al.: Score-cam: score-weighted visual explanations for convolutional neural networks. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, pp. 24–25 (2020)

    Google Scholar 

  32. Wei, W., Zhou, J., Wu, Y.: Beyond empirical risk minimization: local structure preserving regularization for improving adversarial robustness. arXiv (2023)

    Google Scholar 

  33. Xie, S., Girshick, R., Dollár, P., Tu, Z., He, K.: Aggregated residual transformations for deep neural networks. IEEE (2016)

    Google Scholar 

  34. Yang, Y., et al.: Boundary thickness and robustness in learning models. NeurIPS 33, 6223–6234 (2020)

    Google Scholar 

  35. Yun, S., Han, D., Oh, S.J., Chun, S., Choe, J., Yoo, Y.: Cutmix: regularization strategy to train strong classifiers with localizable features. In: ICCV, pp. 6023–6032 (2019)

    Google Scholar 

  36. Zagoruyko, S., Komodakis, N.: Wide residual networks. arXiv (2016)

    Google Scholar 

  37. Zeiler, M.D., Fergus, R.: Visualizing and understanding convolutional networks. In: Fleet, D., Pajdla, T., Schiele, B., Tuytelaars, T. (eds.) ECCV 2014. LNCS, vol. 8689, pp. 818–833. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10590-1_53

    Chapter  Google Scholar 

  38. Zhang, H., Cisse, M., Dauphin, Y.N., Lopez-Paz, D.: mixup: beyond empirical risk minimization. arXiv (2017)

    Google Scholar 

  39. Zhou, B., Khosla, A., Lapedriza, A., Oliva, A., Torralba, A.: Learning deep features for discriminative localization. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 2921–2929 (2016)

    Google Scholar 

  40. Zintgraf, L.M., Cohen, T.S., Adel, T., Welling, M.: Visualizing deep neural network decisions: prediction difference analysis. arXiv (2017)

    Google Scholar 

Download references

Acknowledgements

This work is funded by Public Welfare Technology Applied Research Projects of Zhejiang Province, China (LGG21F020004), Basic Public Welfare Research Project of Zhejiang Province (LGF21F020020), Ningbo Natural Science Foundation (2022J182), and the Fundamental Research Funds for the Central Universities (2021FZZX001-23, 226-2023-00048).

Author information

Authors and Affiliations

  1. Zhejiang University, Hangzhou, China

    Yijun Bei, Jinsong Geng, Erteng Liu, Kewei Gao & Zunlei Feng

  2. Digital Grid Research Institute, China Southern Power Grid, Guangzhou, 510670, China

    Wenqi Huang

  3. Zhejiang University - China Southern Power Grid Joint Research Centre on AI, Hangzhou, 310058, China

    Zunlei Feng

Authors
  1. Yijun Bei
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jinsong Geng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Erteng Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kewei Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Wenqi Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Zunlei Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zunlei Feng .

Editor information

Editors and Affiliations

  1. Central South University, Changsha, China

    Biao Luo

  2. Chinese Academy of Sciences, Beijing, China

    Long Cheng

  3. Zhejiang University, Hangzhou, China

    Zheng-Guang Wu

  4. Guangdong University of Technology, Guangzhou, China

    Hongyi Li

  5. UNSW Sydney, Sydney, NSW, Australia

    Chaojie Li

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bei, Y., Geng, J., Liu, E., Gao, K., Huang, W., Feng, Z. (2024). CKR-Calibrator: Convolution Kernel Robustness Evaluation and Calibration. In: Luo, B., Cheng, L., Wu, ZG., Li, H., Li, C. (eds) Neural Information Processing. ICONIP 2023. Lecture Notes in Computer Science, vol 14451. Springer, Singapore. https://doi.org/10.1007/978-981-99-8073-4_11

Download citation

  • DOI: https://doi.org/10.1007/978-981-99-8073-4_11

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-8072-7

  • Online ISBN: 978-981-99-8073-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics