Lecture 10 - LSTM - CNN -GAN - BatchNorm

Question 1

LSTM stands for

Answer 1

Long Short-Term Memory

Question 2

LSTM is used for

Answer 2

Image captioning, stock market prediction, machine translation and text classification (for sequence processing)

Question 3

What are the Components of LSTM?

Answer 3

Memory cell, input gate, forget gate, output gate

Question 4

What is the function of the input gate?

Answer 4

Control what information gets stored in long-term state/memory cell

Note: Before the input gate, there is one more gate which controls the flow into the input gate

Question 5

What is the function of the forget gate?

Answer 5

Regulate how much of information in long-term state is persisted across time instants

Question 6

What is the function of the output gate?

Answer 6

Controls how much information to output from cell at a time instant

Question 7

GRU cell is a simplified version of ___ cell

Answer 7

GRU cell is a simplified version of LSTM cell

Question 8

GRUs combine which two LSTM gates to decide what information should be committed to long-term memory?

Answer 8

Forget and Input gates

Question 9

For real - Use this website to learn RNNs/LSTM etc

Answer 9

http://colah.github.io/posts/2015-08-Understanding-LSTMs/

Question 10

What is BatchNorm primarily used for?

Answer 10

Stabilising data - Also makes ANN faster and more stable through normalization (by recentering and rescaling)

Very useful for deep learning - Makes hidden layers very efficient

Question 11

BatchNorm is tricky to use in

Answer 11

RNN (Recurrent Neural Networks)

Question 12

What are adversarial examples?

Answer 12

Adversarial examples are inputs to machine learning models that an attacker has intentionally designed to cause the model to make a mistake; they’re like optical illusions for machines.

https://openai.com/blog/adversarial-example-research/

Question 13

What are the two types of adversarial image attacks?

Answer 13

Untargeted adversarial attacks: cannot control output label of adversarial image

Targeted adversarial attacks: can control output label of image

Question 14

Name some ML models that have had adversarial attacks

Answer 14

DNN, Clustering, Naive Bayes, Decision tree, multilayer perceptron, SVM

Question 15

Adversarial attacks impact model performance by

Answer 15

Injecting adversarial/malicious data into training datasets that can cause decreased performance. Model failure is known as poisoning

Question 16

There are two types of adversarial attacks in DL. What are they?

Answer 16

Black Box Attacks

The main feature of a black box attack is that the attacker does not have access to the training data. Black box attacks are usually applied when the model is too complex for the attacker to understand. The goal of a black box attack is to reverse engineer the model and find a way to manipulate the input data to force the model to output the desired value.

White Box Attacks

In a white box attack, the attacker has access to the input data and the model definition. The attacker then tries to find a way to manipulate the input data to force the model to output a specific value.

Question 17

How can we generate adversarial images?

Answer 17

1. Take input image –> Make prediction (using CNN)
2. Compute loss of prediction based on true class label
3. Calculate gradients of loss with respect to input image
4. Compute gradient sign –> Use to construct adversarial image (output)

Question 18

What is adversarial training?

Answer 18

Having a model learn to correctly classify adversarial examples

Question 19

What are Generative Adversial Networks? (GANs)

Answer 19

Primary idea: Let NNs compete against each other to perform better.

GAN composed of two neural networks with different objectives

• Generator: Takes a random distribution as input (typically Gaussian) and outputs some data. Typically, an image
• Discriminator: Takes either a fake image from generator or a real image from training set as input, and guesses whether input image is fake or real.

Question 20

What are the difficulties of training Generative Adversial Networks (GANs)?

Answer 20

1. Generator and discriminator constantly try to outsmart each other -> Leads to no player would be better off changing their own strategy, assuming other players do not change theirs
2. Generator produces perfectly realistic images and discriminator is forced to guess (50% real, 50% fake)
3. Generators outputs gradually become less diverse (called mode collapse)
4. Generator and discriminator are constantly pushing against each other, parameters may end up oscillating and becoming unstable

Question 21

What are Deep Convolutional GANs? (DGANs)

Answer 21

Idea: Build GANs based on deeper convolutional nets for larger images

Question 22

What are Convolutional Neural Networks? (CNN)

Answer 22

Deep Neural Networks does not work well for large image recognition. -> Now we have CNNs!

In CNNs, each layer is represented in 2D which makes it easier to match neurons with their corresponding inputs

Question 23

What is convolution?

Answer 23

A mathematical operation that slides one function over another and measures the integral of their pointwise multiplication.

Has deep connections with Fourier transform + Laplace transform

Question 24

Convolutional Neural Networks (CNN) have three fundamental layers. Name them

Answer 24

1. Convolutional layer
2. Pooling layer
3. Fully connected layer

Question 25

True or false: The convolutional layer is the most important building block of a CNN

Answer 25

TRUE!

Question 26

How does the convolutional layer work?

Answer 26

Convolution layer is made up of filters and feature maps

• A filter is passed over the input image pixels to capture a specific set of features in a process called convolution
  
  • Convolution is the process by which a function is applied to a matrix to extract specific information from the matrix
• Feature maps are outputs of a filter in a convolutional layer
  
  • Exposes certain patterns of input images (such as horizontal lines, vertical lines)

Question 27

What does the pooling layer do?

Answer 27

Goal: Reduce feature map of convolutional layer

Summarizes image features learned in previous network layers

Question 28

True or False: Once a CNN has learned to recognize a pattern in one location, it can recognize it in any other location

Answer 28

True

Question 29

True or False: All neurons in a feature map share the same parameters, which reduces the number of parameters in the model

Answer 29

True

Question 30

The Fulle Connected Network (FCN) layer is

Answer 30

feedforward neural network or multilayer perceptron (MLP)