Including human analysis has the potential to positively affect the robustness of Deep Neural Networks and is relatively unexplored in the Adversarial Machine Learning literature. Neural network visual explanation maps have been shown to be prone to adversarial attacks. Further research is needed in order to select robust visualizations of explanations for the image analyst to evaluate a given model. These factors greatly impact Human-In-The-Loop (HITL) evaluation tools due to their reliance on adversarial images, including explanation maps and measurements of robustness. We believe models of human visual attention may improve interpretability and robustness of human-machine imagery analysis systems. Our challenge remains, how can HITL evaluation be robust in this adversarial landscape?

翻译：在对抗性机器学习文献中，纳入人类分析有望提升深度神经网络的鲁棒性，但这一方向尚未得到充分探索。研究表明，神经网络的可视化解释图谱容易遭受对抗性攻击。为便于图像分析师评估特定模型，亟需进一步研究以选择鲁棒的解释可视化方法。这些因素严重影响了基于对抗性图像的人类参与循环（HITL）评估工具——包括解释图谱和鲁棒性度量。我们认为，人类视觉注意力模型可能提升人机图像分析系统的可解释性与鲁棒性。当前的核心挑战仍在于：在对抗性环境下，HITL评估如何保持其鲁棒性？