A Vulnerability of Attribution Methods Using Pre-Softmax Scores

arXiv:2307.03305v3 Announce Type: replace
Abstract: We discuss a vulnerability involving a category of attribution methods used to provide explanations for the outputs of convolutional neural networks working as classifiers. It is known that this type of networks are vulnerable to adversarial attacks, in which imperceptible perturbations of the input may alter the outputs of the model. In contrast, here we focus on effects that small modifications in the model may cause on the attribution method without altering the model outputs.

abstract adversarial adversarial attacks arxiv attacks attribution classifiers convolutional neural networks cs.ai cs.lg discuss networks neural networks softmax type vulnerability vulnerable