Learning with a Strong Adversary
The robustness of neural networks to intended perturbations has recently attracted significant attention. In this paper, we propose a new method, learning with a strong adversary, that learns robust classifiers from supervised data. The proposed method takes finding adversarial examples as an intermediate step. A new and simple way of finding adversarial examples is presented and experimentally shown to be efficient. Experimental results demonstrate that the resulting learning method greatly improves the robustness of the classification models produced.
Forward citations
Cited by 3 Pith papers
- Deep Variational Information Bottleneck
  Deep VIB is a neural-network parameterization of the information bottleneck objective trained via variational inference and the reparameterization trick, yielding improved generalization and adversarial robustness.
- Towards Deep Learning Models Resistant to Adversarial Attacks
  Adversarial training via projected gradient descent on the inner maximization problem produces neural networks with substantially improved resistance to a wide range of attacks and establishes security against first-o...
- Fooling a Real Car with Adversarial Traffic Signs
  A reproducible pipeline produces physical adversarial traffic signs that successfully attack production-grade traffic sign recognition systems in a real car under black-box conditions.