Abstract

We consider the problem of improving the adversarial robustness of neural networks while retaining natural accuracy. Motivated by the multi-view information bottleneck formalism, we seek to learn a representation that captures the shared information between clean samples and their corresponding adversarial samples while discarding these samples’ view-specific information. We show that this approach leads to a novel multi-objective loss function, and we provide mathematical motivation for its components towards improving the robust vs. natural accuracy tradeoff. We demonstrate enhanced tradeoff compared to current state-of-the-art methods with extensive evaluation on various benchmark image datasets and architectures. Ablation studies indicate that learning shared representations is key to improving performance.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
3D Point Cloud Completion with Geometric-Aware Adversarial Augmentation
Mengxi Wu ... Hao Huang
-
Mengxi Wu, et. al.Mengxi Wu ... Hao Huang
21 Aug 2022
RPU-PVB: robust object detection based on a unified metric perspective with bilinear interpolation
Hao Yang ... Yangwen Zhang
Journal of Cloud Computing Advances Systems and Applications | VOL. 12
Hao Yang, et. al.Hao Yang ... Yangwen Zhang
02 Dec 2023
Defense against adversarial attack by feature distillation and metric learning
Xiang Xiang ... Wei Wei
-
Xiang Xiang, et. al.Xiang Xiang ... Wei Wei
23 Aug 2022
An Adversarial Sample Defense Method Based on Saliency Information
Shuqi Liu ... Xinyu Ma
-
Shuqi Liu, et. al.Shuqi Liu ... Xinyu Ma
01 Jan 2023
View more papers

More From: Pattern Recognition

Paper Title
Journal
Date
Author
PointSurFace: Discriminative point cloud surface feature extraction for 3D face recognition
Junpeng Yang ... Linlin Shen
Pattern Recognition | VOL. 156
Junpeng Yang, et. al.Junpeng Yang ... Linlin Shen
02 Aug 2024
DMANet: Dual-modality alignment network for visible-infrared person re-identification
Xu Cheng ... Guoying Zhao
Pattern Recognition | VOL. -
Xu Cheng, et. al.Xu Cheng ... Guoying Zhao
01 Aug 2024
Progressive expansion for semi-supervised Bi-modal salient object detection
Jie Wang ... Yahong Han
Pattern Recognition | VOL. -
Jie Wang, et. al.Jie Wang ... Yahong Han
01 Aug 2024
SLSG: Industrial Image Anomaly Detection with Improved Feature Embeddings and One-Class Classification
Minghui Yang ... Zhaoyang Wu
Pattern Recognition | VOL. -
Minghui Yang, et. al.Minghui Yang ... Zhaoyang Wu
01 Aug 2024
View more papers