Henry Chu, PhD
Professor
University of Louisiana at Lafayette
Dr. Henry Chu is the Lockheed Martin Professor of Computer Science/Computer Engineering as well as the Executive Director of the Informatics Research Institute at the University of Louisiana at Lafayette. His research interests are in machine vision and machine learning. His recent research is in learning from noisy data, time series prediction, and information representation in deep learning networks. At the Informatics Research Institute, he oversees use-inspired artificial intelligence research in health informatics, disaster recovery and emergency management, and critical infrastructure cybersecurity. He received his B.S.E. and M.S.E. degrees from the University of Michigan, Ann Arbor, and his Ph.D. from Purdue University, all in electrical and computer engineering.
ABSTRACT
Adversarial Defense by Restricting In-variance and Co-variance of Image Representations
Despite high accuracies achieved by deep neural networks (DNNs) in image classification, DNNs have been shown to be highly vulnerable to structured and unstructured perturbations to the input images. The robustness of many existing defense methods for these models suffers greatly when an attacker has full knowledge of the model and can iterate over the model to craft stronger attacks, a setting known as a white-box attack. We propose class-wise disentanglement on intermediate representations of a DNN so that the DNN is forced to learn decision boundaries that are distinct for each class with clear separation. We observe that this constraint on representations enhances the robustness of learned models even against the strongest white-box attacks. Further, we evaluate extensively in both white-box and black-box settings and show significant gains in comparison to state-of-the-art defenses.