Input Feature Obfuscation / Adversarial Input Feature Obfuscation for (Deep) Neural Networks

The Office of National Intelligence (ONI) and the Defence Science and Technology (DST) Group has launch a new collaborative project to develop Artificial Intelligence (AI) and Machine Learning (ML) expertise and capability in areas of significant importance to the Australian defence and national security community.Determining the relevance of input features is an important part of model building, yet once the model is built and implemented in a product, on access to that product, the input of data and observation of outputs can be used for reverse engineering and defeating of the model. There is a large amount of prior art in determining the relevance of input features (including my own work) but limited published work on preventing such adversarial attacks. The aim is to develop a general approach which can be applied to any neural/deep solution and dataset.