Understanding Adversarial Training: Increasing Local Stability of Neural Nets through Robust Optimization

Uri Shaham , Yutaro Yamada , Sahand Negahban

Authors on Pith no claims yet

classification 📊 stat.ML cs.LGcs.NE

keywords networkadversarialannsincreasinglocaloptimizationstabilityexamples

read the original abstract

We propose a general framework for increasing local stability of Artificial Neural Nets (ANNs) using Robust Optimization (RO). We achieve this through an alternating minimization-maximization procedure, in which the loss of the network is minimized over perturbed examples that are generated at each parameter update. We show that adversarial training of ANNs is in fact robustification of the network optimization, and that our proposed framework generalizes previous approaches for increasing local stability of ANNs. Experimental results reveal that our approach increases the robustness of the network to existing adversarial examples, while making it harder to generate new ones. Furthermore, our algorithm improves the accuracy of the network also on the original test data.

This paper has not been read by Pith yet.

discussion (0)

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

On Large-Batch Training for Deep Learning: Generalization Gap and Sharp Minima
cs.LG 2016-09 unverdicted novelty 6.0

Large-batch methods converge to sharp minima causing a generalization gap, while small-batch methods reach flat minima due to inherent gradient noise.