A Practical Upper Bound for the Worst-Case Attribution Deviations. (arXiv:2303.00340v1 [cs.LG])

Model attribution is a critical component of deep neural networks (DNNs) for
its interpretability to complex models. Recent studies bring up attention to
the security of attribution methods as they are vulnerable to attribution
attacks that generate similar images with dramatically different attributions.
Existing works have been investigating empirically improving the robustness of
DNNs against those attacks; however, none of them explicitly quantifies the
actual deviations of attributions. In this work, for the first time, a
constrained optimization problem is …

attacks attention attribution case critical images networks neural networks robustness security studies vulnerable