Interpolated Adversarial Training: Achieving Robust Neural Networks Without Sacrificing Too Much Accuracy

Vikas Verma, Alex Lamb, Juho Kannala, Yoshua Bengio

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference article in proceedingsScientificvertaisarvioitu

233 Lataukset (Pure)

Abstrakti

Adversarial robustness has become a central goal in deep learning, both in theory and in practice. However, successful methods to improve the adversarial robustness (such as adversarial training) greatly hurt generalization performance on the unperturbed data. This could have a major impact on how achieving adversarial robustness affects real world systems (i.e. many may opt to forego robustness if it can improve accuracy on the unperturbed data). We propose Interpolated Adversarial Training, which employs recently proposed interpolation based training methods in the framework of adversarial training. On CIFAR-10, adversarial training increases the standard test error (when there is no adversary) from 4.43% to 12.32%, whereas with our Interpolated adversarial training we retain adversarial robustness while achieving a standard test error of only 6.45%. With our technique, the relative increase in the standard error for the robust model is reduced from 178.1% to just 45.5%.
AlkuperäiskieliEnglanti
OtsikkoAISec'19: Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security
KustantajaACM
Sivut95-103
ISBN (painettu)978-1-4503-6833-9
DOI - pysyväislinkit
TilaJulkaistu - 2019
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
TapahtumaACM Workshop on Artificial Intelligence and Security - London, Iso-Britannia
Kesto: 15 marrask. 201915 marrask. 2019
Konferenssinumero: 12
https://aisec.cc/

Workshop

WorkshopACM Workshop on Artificial Intelligence and Security
LyhennettäAISec
Maa/AlueIso-Britannia
KaupunkiLondon
Ajanjakso15/11/201915/11/2019
www-osoite

Sormenjälki

Sukella tutkimusaiheisiin 'Interpolated Adversarial Training: Achieving Robust Neural Networks Without Sacrificing Too Much Accuracy'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä