Deep learning models loosely mimic bottom-up signal pathways from low-order sensory areas to high-order cognitive areas. After training, DL models can outperform humans on some domain-specific tasks, but their decision-making process has been known to be easily disrupted. Since the human brain consists of multiple functional areas highly connected to one another and relies on intricate interplays between bottom-up and top-down (from high-order to low-order areas) processing, we hypothesize that incorporating top-down signal processing may make DL models more robust. To address this hypothesis, we propose a certification process mimicking selective attention and test if it could make DL models more robust. Our empirical evaluations suggest that this newly proposed certification can improve DL models' accuracy and help us build safety measures to alleviate their vulnerabilities with both artificial and natural adversarial examples.

翻译：深度学习模型大致模拟了从低阶感知区域到高阶认知区域的自底向上信号通路。训练完成后，深度学习模型在某些特定领域任务上可能超越人类表现，但其决策过程已知极易受到干扰。鉴于人脑由多个高度互联的功能区域构成，并依赖于自底向上与自顶向下（从高阶到低阶区域）处理间的复杂相互作用，我们假设引入自顶向下信号处理可能增强深度学习模型的鲁棒性。为验证这一假设，我们提出一种模拟选择性注意的认证流程，并测试其能否提升深度学习模型的稳健性。实证评估表明，这一新提出的认证机制能够提升深度学习模型的准确率，并有助于构建安全措施以缓解模型在面对人工与自然对抗样本时的脆弱性。