Adversarial Fine-tune with Dynamically Regulated Adversary release_pvpalyktfrcf7cgif2h4cp5vs4

by Pengyue Hou, Ming Zhou, Jie Han, Petr Musilek, Xingyu Li

Released as an article.

2022  

Abstract

Adversarial training is an effective method to boost model robustness to malicious, adversarial attacks. However, such improvement in model robustness often leads to a significant sacrifice of standard performance on clean images. In many real-world applications such as health diagnosis and autonomous surgical robotics, the standard performance is valued more than model robustness against such extremely malicious attacks. This leads to the question: To what extent can we boost model robustness without sacrificing standard performance? This work tackles this problem and proposes a simple yet effective transfer learning-based adversarial training strategy that disentangles the negative effects of adversarial samples on the model's standard performance. In addition, we introduce a training-friendly adversarial attack algorithm, which facilitates the boost of adversarial robustness without introducing significant training complexity. Extensive experimentation indicates that the proposed method outperforms previous adversarial training algorithms towards the target: to improve model robustness while preserving the model's standard performance on clean data.

Archived Files and Locations

application/pdf  1.7 MB
file_fio2czuejvf7jbmfyj6djs7kkm
arxiv.org (repository)
web.archive.org (webarchive)
Type  article
Stage   submitted
Date   2022-04-28
Version   v1
Language   en
arXiv  2204.13232v1
Catalog Record
Revision: 7dba180a-c260-4bbf-a73d-dc5d18004039