pith. sign in

arxiv: 2101.09387 · v1 · pith:CWEADU53new · submitted 2021-01-23 · 💻 cs.LG · cs.CR· cs.CV

Online Adversarial Purification based on Self-Supervision

classification 💻 cs.LG cs.CRcs.CV
keywords adversarialself-supervisedpurificationonlineapproachdefenseexamplesknowledge
0
0 comments X
read the original abstract

Deep neural networks are known to be vulnerable to adversarial examples, where a perturbation in the input space leads to an amplified shift in the latent network representation. In this paper, we combine canonical supervised learning with self-supervised representation learning, and present Self-supervised Online Adversarial Purification (SOAP), a novel defense strategy that uses a self-supervised loss to purify adversarial examples at test-time. Our approach leverages the label-independent nature of self-supervised signals and counters the adversarial perturbation with respect to the self-supervised tasks. SOAP yields competitive robust accuracy against state-of-the-art adversarial training and purification methods, with considerably less training complexity. In addition, our approach is robust even when adversaries are given knowledge of the purification defense strategy. To the best of our knowledge, our paper is the first that generalizes the idea of using self-supervised signals to perform online test-time purification.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Beyond Uniform Sampling: Synergistic Active Learning and Input Denoising for Robust Neural Operators

    cs.LG 2026-04 unverdicted novelty 5.0

    Synergistic active learning and input denoising reduces combined error in neural operators on viscous Burgers' equation from 15.42% to 2.04%, an 87% improvement over standard training.