Lecture 10 - LSTM - CNN -GAN - BatchNorm Flashcards
LSTM stands for
Long Short-Term Memory
LSTM is used for
Image captioning, stock market prediction, machine translation and text classification (for sequence processing)
What are the Components of LSTM?
Memory cell, input gate, forget gate, output gate
What is the function of the input gate?
Control what information gets stored in long-term state/memory cell
Note: Before the input gate, there is one more gate which controls the flow into the input gate
What is the function of the forget gate?
Regulate how much of information in long-term state is persisted across time instants
What is the function of the output gate?
Controls how much information to output from cell at a time instant
GRU cell is a simplified version of ___ cell
GRU cell is a simplified version of LSTM cell
GRUs combine which two LSTM gates to decide what information should be committed to long-term memory?
Forget and Input gates
For real - Use this website to learn RNNs/LSTM etc
http://colah.github.io/posts/2015-08-Understanding-LSTMs/
What is BatchNorm primarily used for?
Stabilising data - Also makes ANN faster and more stable through normalization (by recentering and rescaling)
Very useful for deep learning - Makes hidden layers very efficient
BatchNorm is tricky to use in
RNN (Recurrent Neural Networks)
What are adversarial examples?
Adversarial examples are inputs to machine learning models that an attacker has intentionally designed to cause the model to make a mistake; they’re like optical illusions for machines.
https://openai.com/blog/adversarial-example-research/
What are the two types of adversarial image attacks?
Untargeted adversarial attacks: cannot control output label of adversarial image
Targeted adversarial attacks: can control output label of image
Name some ML models that have had adversarial attacks
DNN, Clustering, Naive Bayes, Decision tree, multilayer perceptron, SVM
Adversarial attacks impact model performance by
Injecting adversarial/malicious data into training datasets that can cause decreased performance. Model failure is known as poisoning
There are two types of adversarial attacks in DL. What are they?
Black Box Attacks
The main feature of a black box attack is that the attacker does not have access to the training data. Black box attacks are usually applied when the model is too complex for the attacker to understand. The goal of a black box attack is to reverse engineer the model and find a way to manipulate the input data to force the model to output the desired value.
White Box Attacks
In a white box attack, the attacker has access to the input data and the model definition. The attacker then tries to find a way to manipulate the input data to force the model to output a specific value.
How can we generate adversarial images?
- Take input image –> Make prediction (using CNN)
- Compute loss of prediction based on true class label
- Calculate gradients of loss with respect to input image
- Compute gradient sign –> Use to construct adversarial image (output)
What is adversarial training?
Having a model learn to correctly classify adversarial examples
What are Generative Adversial Networks? (GANs)
Primary idea: Let NNs compete against each other to perform better.
GAN composed of two neural networks with different objectives
- Generator: Takes a random distribution as input (typically Gaussian) and outputs some data. Typically, an image
- Discriminator: Takes either a fake image from generator or a real image from training set as input, and guesses whether input image is fake or real.
What are the difficulties of training Generative Adversial Networks (GANs)?
- Generator and discriminator constantly try to outsmart each other -> Leads to no player would be better off changing their own strategy, assuming other players do not change theirs
- Generator produces perfectly realistic images and discriminator is forced to guess (50% real, 50% fake)
- Generators outputs gradually become less diverse (called mode collapse)
- Generator and discriminator are constantly pushing against each other, parameters may end up oscillating and becoming unstable
What are Deep Convolutional GANs? (DGANs)
Idea: Build GANs based on deeper convolutional nets for larger images
What are Convolutional Neural Networks? (CNN)
Deep Neural Networks does not work well for large image recognition. -> Now we have CNNs!
In CNNs, each layer is represented in 2D which makes it easier to match neurons with their corresponding inputs
What is convolution?
A mathematical operation that slides one function over another and measures the integral of their pointwise multiplication.
Has deep connections with Fourier transform + Laplace transform
Convolutional Neural Networks (CNN) have three fundamental layers. Name them
- Convolutional layer
- Pooling layer
- Fully connected layer
True or false: The convolutional layer is the most important building block of a CNN
TRUE!
How does the convolutional layer work?
Convolution layer is made up of filters and feature maps
- A filter is passed over the input image pixels to capture a specific set of features in a process called convolution
- Convolution is the process by which a function is applied to a matrix to extract specific information from the matrix
- Feature maps are outputs of a filter in a convolutional layer
- Exposes certain patterns of input images (such as horizontal lines, vertical lines)
What does the pooling layer do?
Goal: Reduce feature map of convolutional layer
Summarizes image features learned in previous network layers
True or False: Once a CNN has learned to recognize a pattern in one location, it can recognize it in any other location
True
True or False: All neurons in a feature map share the same parameters, which reduces the number of parameters in the model
True
The Fulle Connected Network (FCN) layer is
feedforward neural network or multilayer perceptron (MLP)
