Adversarial Defence by Diversified Simultaneous Training of Deep Ensembles

02/02/2021

Adversarial Defence by Diversified Simultaneous Training of Deep Ensembles

Bo Huang, Zhiwei Ke, Yi Wang, Wei Wang, Linlin Shen, Feng Liu

Keywords:

Abstract Paper Similar Papers

Abstract: Learning-based classifiers are susceptible to adversarial examples. Existing defence methods are mostly devised on individual classifiers. Recent studies showed that it is viable to increase adversarial robustness by promoting diversity over an ensemble of models. In this paper, we propose adversarial defence by encouraging ensemble diversity on learning high-level feature representations and gradient dispersion in simultaneous training of deep ensemble networks. We perform extensive evaluations under white-box and black-box attacks including transferred examples and adaptive attacks. Our approach achieves a significant gain of up to 52% in adversarial robustness, compared with the baseline and the state-of-the-art method on image benchmarks with complex data scenes. The proposed approach complements the defence paradigm of adversarial training, and can further boost the performance. The source code is available at https://github.com/ALIS-Lab/AAAI2021-PDD.

The video of this talk cannot be embedded. You can watch it here:

https://slideslive.com/38948849

(Link will open in new window)

0

0

0

0

Share

This is an embedded video. Talk and the respective paper are published at AAAI 2021 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment

no comments yet

Similar Papers

14/06/2020

JL-DCF: Joint Learning and Densely-Cooperative Fusion Framework for RGB-D Salient Object Detection

Keren Fu, Deng-Ping Fan, Ge-Peng Ji, Qijun Zhao

Keywords Paper

visual saliency, salient object detection, rgb-d, depth information, joint learning, dense connections, multi-modal features, feature fusion, deep learning, encoder-decoder

0

0

0

0

1:01

06/12/2020

Boosting Adversarial Training with Hypersphere Embedding

Tianyu Pang, Xiao Yang, Yinpeng Dong and
Kun Xu, Jun Zhu, Hang Su

Keywords Paper

0

0

0

0

2:59

14/06/2020

Benchmarking Adversarial Robustness on Image Classification

Yinpeng Dong, Qi-An Fu, Xiao Yang and
Tianyu Pang, Hang Su, Zihao Xiao, Jun Zhu

Keywords Paper

adversarial robustness, benchmark, evaluation, security, attack, defense, image classification

0

0

0

0

4:59

30/11/2020

Adversarially Robust Deep Image Super-Resolution using Entropy Regularization

Jun-Ho Choi, Huan Zhang, Jun-Hyuk Kim and
Cho-Jui Hsieh, Jong-Seok Lee

Keywords Paper

0

0

0

0

9:30

05/01/2021

Distillation Multiple Choice Learning for Multimodal Action Recognition

Nuno Cruz Garcia, Sarah Adel Bargal, Vitaly Ablavsky and
Pietro Morerio, Vittorio Murino, Stan Sclaroff

Keywords Paper

0

0

0

1

4:31

06/12/2020

GradAug: A New Regularization Method for Deep Neural Networks

Taojiannan Yang, Sijie Zhu, Chen Chen

Keywords Paper

0

0

0

0

3:18

23/08/2020

Spectrum-guided adversarial disparity learning

Zhe Liu, Lina Yao, Lei Bai and
Xianzhi Wang, Can Wang

Keywords Paper

adversarial autoencoder, generative models, intraclass variability, activity recognition

0

0

0

0

14:30

26/04/2020

Nesterov Accelerated Gradient and Scale Invariance for Adversarial Attacks

Jiadong Lin, Chuanbiao Song, Kun He and
Liwei Wang, John E. Hopcroft

Keywords Paper

adversarial examples, adversarial attack, transferability, Nesterov accelerated gradient, scale invariance

0

0

0

0

3:59

26/04/2020

Multi-Agent Interactions Modeling with Correlated Policies

Minghuan Liu, Ming Zhou, Weinan Zhang and
Yuzheng Zhuang, Jun Wang, Wulong Liu, Yong Yu

Keywords Paper

Multi-agent reinforcement learning, Imitation learning

0

0

0

0

4:33

16/11/2020

Adversarial Attack and Defense of Structured Prediction Models

Wenjuan Han, Liwen Zhang, Yong Jiang, Kewei Tu

Keywords Paper

adversarial attacks, classification problems, structured tasks, nlp tasks

0

0

0

0

11:06

02/02/2021

Self-Progressing Robust Training

Minhao Cheng, Pin-Yu Chen, Sijia Liu and
Shiyu Chang, Cho-Jui Hsieh, Payel Das

Keywords Paper

0

0

0

0

14:34

03/05/2021

Robust Reinforcement Learning on State Observations with Learned Optimal Adversary

Huan Zhang, Hongge Chen, Duane S Boning, Cho-Jui Hsieh

Keywords Paper

reinforcement learning, robustness, adversarial attacks, adversarial defense

0

0

0

0

5:14

03/05/2021

Improving Transformation Invariance in Contrastive Representation Learning

Adam Foster, Rattana Pukdee, Tom Rainforth

Keywords Paper

transformation invariance, contrastive learning, representation learning

0

0

0

0

5:23

03/05/2021

Provably robust classification of adversarial examples with detection

Fatemeh Sheikholeslami, Ali Lotfi, Zico Kolter

Keywords Paper

Adversarial robustness, robust deep learning

0

1

0

0

5:01

07/09/2020

Feature Binding with Category-Dependant MixUp for Semantic Segmentation and Adversarial Robustness

Md Amirul Islam, Matthew Kowal, Konstantinos Derpanis, Neil D. B. Bruce

Keywords Paper

Image Blending, Mixup, Feature Binding, Semantic Segmentation, Adversarial Robustness

0

0

0

0

9:00

02/02/2021

Enhanced Regularizers for Attributional Robustness

Anindya Sarkar, Anirban Sarkar, Vineeth N Balasubramanian

Keywords Paper

0

0

0

0

17:30

07/09/2020

Adversarial Concurrent Training: Optimizing Robustness and Accuracy Trade-off of Deep Neural Networks

Elahe Arani, Fahad Sarfraz, Bahram Zonooz

Keywords Paper

Adversarial Robustness, Generalization, Adversarial Training, Deep Learning, Collaborative Learning

0

0

0

0

3:39

19/04/2021

Interpretability for morphological inflection: From character-level predictions to subword-level rules

Tatyana Ruzsics, Olga Sozinova, Ximena Gutierrez-Vasques, Tanja Samardzic

Keywords Paper

0

0

0

0

10:53

19/08/2021

Recent Advances in Adversarial Training for Adversarial Robustness

Tao Bai, Jinqi Luo, Jun Zhao and
Bihan Wen, Qian Wang

Keywords Paper

Machine learning, General, General

0

0

0

0

11:32

22/11/2021

Single-Modal Entropy based Active Learning for Visual Question Answering

Dong-Jin Kim, Jae Won Cho, Jinsoo Choi and
Yunjae Jung, In So Kweon

Keywords Paper

Visual Question Answering, Vision and Language, Active Learning

0

0

0

0

2:42

06/12/2021

Robust Deep Reinforcement Learning through Adversarial Loss

Tuomas Oikarinen, Wang Zhang, Alexandre Megretski and
Luca Daniel, Tsui-Wei Weng

Keywords Paper

reinforcement learning and planning, robustness, adversarial robustness and security

0

0

0

0

14:15

02/02/2021

End-to-End Differentiable Learning to HDR Image Synthesis for Multi-exposure Images

Junghee Kim, Siyeong Lee, Suk-Ju Kang

Keywords Paper

0

0

0

0

15:35

02/02/2021

Error-Correcting Output Codes with Ensemble Diversity for Robust Learning in Neural Networks

Yang Song, Qiyu Kang, Wee Peng Tay

Keywords Paper

0

0

0

0

15:04

03/05/2021

$i$-Mix: A Domain-Agnostic Strategy for Contrastive Representation Learning

Kibok Lee, Yian Zhu, Kihyuk Sohn and
Chun-Liang Li, Jinwoo Shin, Honglak Lee

Keywords Paper

self-supervised learning, unsupervised representation learning, data augmentation, MixUp, contrastive representation learning

0

0

0

0

5:04

19/08/2021

Noise Doesn't Lie: Towards Universal Detection of Deep Inpainting

Ang Li, Qiuhong Ke, Xingjun Ma and
Haiqin Weng, Zhiyuan Zong, Feng Xue, Rui Zhang

Keywords Paper

Computer Vision, Recognition

0

0

0

0

14:39

12/07/2020

Leveraging Procedural Generation to Benchmark Reinforcement Learning

Karl Cobbe, Chris Hesse, Jacob Hilton, John Schulman

Keywords Paper

Reinforcement Learning - Deep RL

0

0

0

0

16:06

18/07/2021

Decoupling Representation Learning from Reinforcement Learning

Adam Stooke, Kimin Lee, Pieter Abbeel, Michael Laskin

Keywords Paper

Optimization, Submodular Optimization, Algorithms, Bandit Algorithms; Algorithms, Online Learning, Deep Learning, Embedding and Representation learning

0

0

0

0

5:15

14/06/2020

Cross-Modality Person Re-Identification With Shared-Specific Feature Transfer

Yan Lu, Yue Wu, Bin Liu and
Tianzhu Zhang, Baopu Li, Qi Chu, Nenghai Yu

Keywords Paper

person re-identification, cross modality

0

0

0

0

0:56

22/11/2021

Model Composition: Can Multiple Neural Networks Be Combined into a Single Network Using Only Unlabeled Data?

Amin Banitalebi-Dehkordi, Xinyu Kang, Yong Zhang

Keywords Paper

Model Composition, Combining Neural Networks, Pseudo Label, Self Training, Label Aggregation, Combining Models

0

0

0

0

2:58

03/05/2021

Trusted Multi-View Classification

Zongbo Han, Changqing Zhang, Huazhu FU, Joey T Zhou

Keywords Paper

Uncertainty Machine Learning, Multi-View Learning, Multi-Modal Learning

0

0

0

0

4:33

06/12/2020

AdvFlow: Inconspicuous Black-box Adversarial Attacks using Normalizing Flows

Hadi Mohaghegh Dolatabadi, Sarah Erfani, Christopher Leckie

Keywords Paper

0

0

0

0

3:59

30/11/2020

Towards Robust Fine-grained Recognition by Maximal Separation of Discriminative Features

Krishna Kanth Nakka, Mathieu Salzmann

Keywords Paper

0

0

0

0

9:28

06/12/2021

Deep Learning on a Data Diet: Finding Important Examples Early in Training

Mansheej Paul, Surya Ganguli, Gintare Karolina Dziugaite

Keywords Paper

deep learning

0

0

0

0

10:18

02/02/2021

Domain General Face Forgery Detection by Learning to Weight

Ke Sun, Hong Liu, Qixiang Ye and
Yue Gao, Jianzhuang Liu, Ling Shao, Rongrong Ji

Keywords Paper

0

0

0

0

14:07

03/05/2021

Towards Robustness Against Natural Language Word Substitutions

Xinshuai Dong, Anh Tuan Luu, Rongrong Ji, Hong Liu

Keywords Paper

Adversarial Defense, Natural Language Processing

0

0

0

0

6:06

03/05/2021

InfoBERT: Improving Robustness of Language Models from An Information Theoretic Perspective

Boxin Wang, Shuohang Wang, Yu Cheng and
Zhe Gan, Ruoxi Jia, Bo Li, Jingjing Liu

Keywords Paper

adversarial training, QA, NLI, BERT, information theory, adversarial robustness

0

0

0

0

5:21

16/11/2020

A Multi-Task Incremental Learning Framework with Category Name Embedding for Aspect-Category Sentiment Analysis

Zehui Dai, Cheng Peng, Huajie Chen, Yadong Ding

Keywords Paper

tacsa tasks, aspect-category analysis, targeted analysis, multi-task learning

0

0

0

0

11:41

12/07/2020

TaskNorm: Rethinking Batch Normalization for Meta-Learning

John Bronskill, Jonathan Gordon, James Requeima and
Sebastian Nowozin, Richard Turner

Keywords Paper

Transfer, Multitask and Meta-learning

0

0

0

0

13:56

12/07/2020

Revisiting Training Strategies and Generalization Performance in Deep Metric Learning

Karsten Roth, Timo Milbich, Samrath Sinha and
Prateek Gupta, Bjorn Ommer, Joseph Paul Cohen

Keywords Paper

Applications - Computer Vision

0

0

0

0

14:15

06/12/2021

Scalable Rule-Based Representation Learning for Interpretable Classification

Zhuo Wang, Wei Zhang, Ning Liu, Jianyong Wang

Keywords Paper

optimization, machine learning, representation learning, interpretability

0

0

0

0

14:52