Towards Fast and Robust Adversarial Training for Image Classification

30/11/2020

Towards Fast and Robust Adversarial Training for Image Classification

Erh-Chung Chen, Che-Rung Lee

Keywords:

Abstract Paper Similar Papers

Abstract: The adversarial training, which augments the training data with adversarial examples, is one of the most effective methods to defend adversarial attacks. However, its robustness degrades for complex models, and the producing of strong adversarial examples is a time-consuming task. In this paper, we proposed methods to improve the robustness and efficiency of the adversarial training. First, we utilized a re-constructor to enforce the classifier to learn the important features under perturbations. Second, we employed the enhanced FGSM to generate adversarial examples effectively. It can detect overfitting and stop training earlier without extra cost. Experiments are conducted on MNIST and CIFAR10 to validate the effectiveness of our methods. We also compared our algorithm with the state-of-the-art defense methods. The results show that our algorithm is 4-5 times faster than the previously fastest training method. For CIFAR-10, our method can achieve above 46\% robust accuracy, which is better than most of other methods.

The video of this talk cannot be embedded. You can watch it here:

https://accv2020.github.io/miniconf/poster_191.html

(Link will open in new window)

0

0

0

0

Share

This is an embedded video. Talk and the respective paper are published at ACCV 2020 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment

no comments yet

Similar Papers

18/07/2021

Backdoor Scanning for Deep Neural Networks through K-Arm Optimization

Guangyu Shen, Yingqi Liu, Guanhong Tao and
Shengwei An, Qiuling Xu, Siyuan Cheng, Shiqing Ma, Xiangyu Zhang

Keywords Paper

Social Aspects of Machine Learning, Privacy, Anonymity, and Security

0

0

0

0

5:12

14/06/2020

Single-Step Adversarial Training With Dropout Scheduling

Vivek B.S., R. Venkatesh Babu

Keywords Paper

adversarial training, robustness, efficient training, representation learning, generalization, supervised learning, recognition, classification, neural networks, deep learning

0

0

0

0

1:01

02/02/2021

Are Adversarial Examples Created Equal? A Learnable Weighted Minimax Risk for Robustness under Non-uniform Attacks

Huimin Zeng, Chen Zhu, Tom Goldstein, Furong Huang

Keywords Paper

0

0

0

0

16:06

12/07/2020

Adversarial Robustness Against the Union of Multiple Threat Models

Pratyush Maini, Eric Wong, Zico Kolter

Keywords Paper

Adversarial Examples

0

0

0

0

15:02

06/12/2021

Towards Efficient and Effective Adversarial Training

Gaurang Sriramanan, Sravanti Addepalli, Arya Baburaj, Venkatesh Babu R

Keywords Paper

deep learning, optimization, robustness, adversarial robustness and security

0

0

0

0

14:24

05/01/2021

EvidentialMix: Learning With Combined Open-Set and Closed-Set Noisy Labels

Ragav Sachdeva, Filipe R. Cordeiro, Vasileios Belagiannis and
Ian Reid, Gustavo Carneiro

Keywords Paper

0

0

0

0

4:58

03/05/2021

Provably robust classification of adversarial examples with detection

Fatemeh Sheikholeslami, Ali Lotfi, Zico Kolter

Keywords Paper

Adversarial robustness, robust deep learning

0

1

0

0

5:01

12/07/2020

Overfitting in adversarially robust deep learning

Eric Wong, Leslie Rice, Zico Kolter

Keywords Paper

Adversarial Examples

0

0

0

0

14:44

12/07/2020

More Data Can Expand The Generalization Gap Between Adversarially Robust and Standard Models

Lin Chen, Yifei Min, Mingrui Zhang, Amin Karbasi

Keywords Paper

Adversarial Examples

0

0

0

0

12:01

12/07/2020

Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks

Francesco Croce, Matthias Hein

Keywords Paper

Adversarial Examples

0

0

0

0

14:41

03/05/2021

Class Normalization for (Continual)? Generalized Zero-Shot Learning

Ivan Skorokhodov, Mohamed Elhoseiny

Keywords Paper

initialization, normalization, zero-shot learning, continual learning

0

0

0

0

4:45

06/12/2020

Differentiable Augmentation for Data-Efficient GAN Training

Shengyu Zhao, Zhijian Liu, Ji Lin and
Jun-Yan Zhu, Song Han

Keywords Paper

0

0

0

0

3:22

30/11/2020

Adversarially Robust Deep Image Super-Resolution using Entropy Regularization

Jun-Ho Choi, Huan Zhang, Jun-Hyuk Kim and
Cho-Jui Hsieh, Jong-Seok Lee

Keywords Paper

0

0

0

0

9:30

02/02/2021

Fast and Scalable Adversarial Training of Kernel SVM via Doubly Stochastic Gradients

Huimin Wu, Zhengmian Hu, Bin Gu

Keywords Paper

0

0

0

0

14:04

03/05/2021

Stochastic Security: Adversarial Defense Using Long-Run Dynamics of Energy-Based Models

Mitch Hill, Jonathan Mitchell, Song-Chun Zhu

Keywords Paper

energy-based model, adversarial defense, adversarial attack, Langevin sampling, Markov chain Monte Carlo, adversarial robustness

0

0

0

0

4:51

14/06/2020

One Man’s Trash Is Another Man’s Treasure: Resisting Adversarial Examples by Adversarial Examples

Chang Xiao, Changxi Zheng

Keywords Paper

adversarial defense, adversarial examples, adversarial learning, deep learning

0

0

0

0

1:01

26/04/2020

MACER: Attack-free and Scalable Robust Training via Maximizing Certified Radius

Runtian Zhai, Chen Dan, Di He and
Huan Zhang, Boqing Gong, Pradeep Ravikumar, Cho-Jui Hsieh, Liwei Wang

Keywords Paper

Adversarial Robustness, Provable Adversarial Defense, Randomized Smoothing, Robustness Certification

0

0

0

0

5:10

06/12/2021

Anti-Backdoor Learning: Training Clean Models on Poisoned Data

Yige Li, Xixiang Lyu, Nodens Koren and
Lingjuan Lyu, Bo Li, Xingjun Ma

Keywords Paper

deep learning

0

0

0

0

7:58

06/12/2021

Adversarial Robustness without Adversarial Training: A Teacher-Guided Curriculum Learning Approach

Anindya Sarkar, Anirban Sarkar, Sowrya Gali, Vineeth N Balasubramanian

Keywords Paper

robustness, adversarial robustness and security

0

0

0

0

15:21

14/06/2020

Learn2Perturb: An End-to-End Feature Perturbation Learning to Improve Adversarial Robustness

Ahmadreza Jeddi, Mohammad Javad Shafiee, Michelle Karg and
Christian Scharfenberger, Alexander Wong

Keywords Paper

adversarial robustness, network randomization, alternative back-propagation, trainable noise, adversarial training

0

0

0

0

1:01

18/07/2021

Learning to Generate Noise for Multi-Attack Robustness

Divyam Madaan, Jinwoo Shin, Sung Ju Hwang

Keywords Paper

Applications, Privacy, Anonymity, and Security, Probabilistic Methods, MCMC, Algorithms, Adversarial Examples

0

0

0

0

5:12

14/06/2020

Old Is Gold: Redefining the Adversarially Learned One-Class Classifier Training Paradigm

Muhammad Zaigham Zaheer, Jin-Ha Lee, Marcella Astrid, Seung-Ik Lee

Keywords Paper

anomaly detection, adversarial learning, one-class classification, autoencoder, novelty detection, outlier detection, semi supervised learning, ucsd pedestrian2, mnist, caltech -256

0

0

0

0

1:01

26/08/2020

Robustness for Non-Parametric Classification: A Generic Attack and Defense

Yao-Yuan Yang, Cyrus Rashtchian, Yizhen Wang, Kamalika Chaudhuri

Keywords Paper

0

0

0

0

14:42

18/07/2021

Double-Win Quant: Aggressively Winning Robustness of Quantized Deep Neural Networks via Random Precision Training and Inference

Yonggan Fu, Qixuan Yu, Meng Li and
Vikas Chandra, Yingyan Lin

Keywords Paper

Algorithms, Adversarial Examples

0

0

0

0

5:20

18/07/2021

Enhancing Robustness of Neural Networks through Fourier Stabilization

Netanel Raviv, Aidan Kelley, Minzhe Guo, Yevgeniy Vorobeychik

Keywords Paper

Probabilistic Methods, Variational Inference, Algorithms, Boosting and Ensemble Methods; Probabilistic Methods; Probabilistic Methods, Bayesian Theory, Social Aspects of Machine Learning, Privacy, Anonymity, and Security

0

0

0

0

4:57

12/08/2020

SmartVerif: Push the Limit of Automation Capability of Verifying Security Protocols by Dynamic Strategies

Yan Xiong, Cheng Su, Wenchao Huang and
Fuyou Miao, Wansen Wang, Hengyi Ouyang

Keywords Paper

0

0

0

0

11:18

06/12/2021

Morié Attack (MA): A New Potential Risk of Screen Photos

Dantong Niu, Ruohao Guo, Yisen Wang

Keywords Paper

deep learning, robustness, adversarial robustness and security, vision

0

0

0

0

6:45

03/05/2021

Training GANs with Stronger Augmentations via Contrastive Discriminator

Jongheon Jeong, Jinwoo Shin

Keywords Paper

visual representation learning, contrastive learning, unsupervised learning, data augmentation, generative adversarial networks

0

0

0

0

5:48

06/12/2021

Deceive D: Adaptive Pseudo Augmentation for GAN Training with Limited Data

Liming Jiang, Bo Dai, Wayne Wu, Chen Change Loy

Keywords Paper

generative model

0

0

0

0

13:51

06/12/2021

Automated Discovery of Adaptive Attacks on Adversarial Defenses

Chengyuan Yao, Pavol Bielik, Petar Tsankov, Martin Vechev

Keywords Paper

deep learning, robustness, adversarial robustness and security

0

0

0

0

9:09

18/07/2021

Weight-covariance alignment for adversarially robust neural networks

Panagiotis Eustratiadis, Henry Gouk, Da Li, Timothy Hospedales

Keywords Paper

Deep Learning, Adversarial Networks

0

0

0

0

4:46

06/12/2020

Cream of the Crop: Distilling Prioritized Paths For One-Shot Neural Architecture Search

Houwen Peng, Hao Du, Hongyuan Yu and
QI LI, Jing Liao, Jianlong Fu

Keywords Paper

0

0

0

0

3:12

06/12/2020

Self-Adaptive Training: beyond Empirical Risk Minimization

Lang Huang, Chao Zhang, Hongyang Zhang

Keywords Paper

Deep Learning -> Generative Models, Algorithms -> Semi-Supervised Learning

0

0

0

0

3:23

18/07/2021

SECANT: Self-Expert Cloning for Zero-Shot Generalization of Visual Policies

Jim Fan, Guanzhi Wang, De-An Huang and
Zhiding Yu, Li Fei-Fei, Yuke Zhu, Anima Anandkumar

Keywords Paper

Reinforcement Learning and Planning, Deep RL

0

0

0

0

5:13

26/04/2020

Improving Adversarial Robustness Requires Revisiting Misclassified Examples

Yisen Wang, Difan Zou, Jinfeng Yi and
James Bailey, Xingjun Ma, Quanquan Gu

Keywords Paper

Robustness, Adversarial Defense, Adversarial Training

0

0

0

0

5:02

02/02/2021

Amata: An Annealing Mechanism for Adversarial Training Acceleration

Nanyang Ye, Qianxiao Li, Xiao-Yun Zhou, Zhanxing Zhu

Keywords Paper

0

0

0

0

14:30

03/05/2021

Regularization Matters in Policy Optimization - An Empirical Study on Continuous Control

Zhuang Liu, Xuanlin Li, Bingyi Kang, trevor darrell

Keywords Paper

Deep Reinforcement Learning, Regularization, Continuous Control, Policy Optimization

0

0

0

0

8:45

14/06/2020

Towards Unified INT8 Training for Convolutional Neural Network

Feng Zhu, Ruihao Gong, Fengwei Yu and
Xianglong Liu, Yanfei Wang, Zhelong Li, Xiuqi Yang, Junjie Yan

Keywords Paper

int8 training, gradient quantization, direction sensitive gradient clipping, learning rate scaling, gradient distribution

0

0

0

0

1:01

18/07/2021

Defense against backdoor attacks via robust covariance estimation

Jonathan Hayase, Weihao Kong, Raghav Somani, Sewoong Oh

Keywords Paper

Algorithms, Adversarial Examples

0

0

0

0

4:39

06/12/2021

Stabilizing Deep Q-Learning with ConvNets and Vision Transformers under Data Augmentation

Nicklas Hansen, Hao Su, Xiaolong Wang

Keywords Paper

reinforcement learning and planning, transformers

0

0

0

0

8:43