Learning Robust Representations for Automatic Target Recognition: FY18 Line-Supported Information, Computation and Exploitation Program

Abstract

Machine Learning (ML) has an increasing role within many mission areas across the Laboratory. Yet, it remains to be seen how robust and secure these algorithms are to inputs that are intentionally designed to cause a ML model to make a mistake, i.e., adversarial examples. Many potential issues arise from the existence of adversarial examples. Examples include an adversary biasing the training data via data poisoning techniques for Automatic Target Recognition (ATR) systems or attacking cybersecurity systems by inserting malicious content that appears legitimate. Building a framework to evaluate and build robustness into ML algorithms will become increasingly important as the USG invests in new capabilities. The unique set of mission areas across the Laboratory offers a set of challenging problems for generating attacks; namely, the adversary is often limited in its ability to fully understand the defenses capability. Yet, the adversary may have a good understanding of the training data used for any given ML model; e.g., for ATR radar systems such as those needed for Ballistic Missile Defense, the adversary controls what the defense observes when conducting system capability tests leading to the possibility of potential data poisoning attacks. This project aims to adapt and expand on existing approaches to effectively red team adversarial attacks for evaluating the robustness of Laboratory ML algorithms, while also developing techniques to build resiliency into the models. Radio frequency (RF) sensors are used alongside other sensing modalities to provide rich representations of the world. Given the high variability of complex-valued target responses, RF systems are susceptible to attacks masking true target characteristics from accurate identification. In this work, we evaluate different techniques for building robust classification architectures exploiting learned physical structure in received synthetic aperture radar signals of simulated 3D targets.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Nov 13, 2018
Accession Number
AD1098897

Entities

People

  • J. A. Goodwin
  • O. M. Brown
  • S.-h. Son
  • T. W. Killian

Organizations

  • MIT Lincoln Laboratory

Tags

Communities of Interest

  • Advanced Electronics
  • Autonomy
  • Cyber
  • Engineered Resilient Systems
  • Sensors
  • Weapons Technologies

DTIC Thesaurus Topics

  • Algorithms
  • Artificial Intelligence
  • Artificial Intelligence Software
  • Automatic
  • Boundaries
  • Classification
  • Cognitive Science
  • Computational Science
  • Convolutional Neural Networks
  • Data Sets
  • Deep Learning
  • Detectors
  • Frequency
  • Learning
  • Machine Learning
  • Neural Networks
  • Radar
  • Radar Signals
  • Radio Frequency
  • Recognition
  • Scattering
  • Simulations
  • Synthetic Aperture Radar
  • Target Classification
  • Target Recognition

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Neural Network Machine Learning.
  • Sensor Fusion and Tracking Systems.

Technology Areas

  • AI & ML
  • AI & ML - Neural Networks
  • Cyber
  • Cyber - Quantum