Metareview: Summary, Strengths And Weaknesses: Based on the fact that adversarial training (AT) has proven to be an effective defense approach and the observation that the properties of AT for robustness improvement remain an open issue, the authors investigate AT from a spectral perspective, provi...
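CIFS: Improving adversarial robustness of CNNs via channel-wise importance-based feature selection. In International Conference on Machine Learning (ICML), 2021. Overview: These two papers find that natural and adversarial examples differ significantly in the magnitude and distribution of their activations. Main content: As shown in the two figures above, the magnitude of adversarial examples is generally somewhat larger than that of clean examples...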
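Notes on Improving Adversarial Robustness of CNNs via Channel-wise Importance-based Feature Selection. Abstract: Based on observations of normal and robust models (adversarial examples over-activate channels irrelevant to the predicted class, while robust ones activate those positively relevant to the predicted class), the hypothesis is that suppressing negatively relevant channels and enhancing positively relevant channels can further improve the robustness of adversarial training. This conjecture is given a name, namely Channel...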
To combat these adversarial examples (AEs), improving the adversarial robustness of models has emerged as an important research topic, and research has been conducted in various directions including adversarial training, image denoising, and adversarial purification. Among them, this paper focuses...
Though deep neural networks have achieved significant progress on various tasks, often enhanced by model ensemble, existing high-performance models can be vulnerable to adversarial attacks. Many efforts have been devoted to enhancing the robustness of individual networks and then constructing a straightforw...
Improving Adversarial Robustness via Guided Complement Entropy. Hao-Yun Chen*, Jhao-Hong Liang*, Shih-Chieh Chang, Jia-Yu Pan, Yu-Ting Chen, Wei Wei, Da-Cheng Juan. https://arxiv.org/abs/1903.09799 Introduction In this paper, we propose a new training paradigm called Guided Complement Entr...
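Improving the Adversarial Robustness of Transfer Learning via Noisy Feature Distillation arXiv 2020.2 https://github.com/cmu-enyac/Renofeation Fine-tuning methods based on pre-trained models are vulnerable to adversarial examples (owing to the similarity between the pre-trained model and the fine-tuned model); models trained from random initialization are more robust to such attacks, although on the test set such models...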
Certified adversarial robustness via randomized smoothing. In International Conference on Machine Learning, pages 1310–1320. PMLR, 2019. 3, 6 [5] Kedar Dhamdhere, Mukund Sundararajan, and Qiqi Yan. How important is a neuron? arXiv preprint arXiv:1805.122...
AROID: Improving Adversarial Robustness Through Online Instance-Wise Data Augmentation. IJCV 2024. - TreeLLi/AROID
2021-ICML-CIFS: Improving Adversarial Robustness of CNNs via Channel-wise Importance-based Feature Selection Related Work 2021-ICLR-Improving adversarial robustness via channel-wise activation suppressing Background The authors found experimentally that, when processing AEs, some negative-relevant (NR) channels are still over-activated. Main Id...