ARMOURED: Adversarially Robust MOdels using Unlabeled data by REgularizing Diversity

Title:
ARMOURED: Adversarially Robust MOdels using Unlabeled data by REgularizing Diversity
Other Titles:
International Conference on Learning Representations (ICLR) 2021
Publication Date:
07 May 2021
Citation:
K. Lu, C. M. Nguyen, X. Xu, K. Chari, Y. J. Goh, and C.-S. Foo, “ARMOURED: Adversarially Robust MOdels using Unlabeled data by REgularizing Diversity,” presented at the International Conference on Learning Representations, 2021
Abstract:
Adversarial attacks pose a major challenge for modern deep neural networks. Recent advancements show that adversarially robust generalization requires a huge amount of labeled data for training. If annotation becomes a burden, can unlabeled data help bridge the gap? In this paper, we propose ARMOURED, an adversarially robust training method based on semi-supervised learning that consists of two components. The first component applies multi-view learning to simultaneously optimize multiple independent networks and utilizes unlabeled data to enforce labeling consistency. The second component reduces adversarial transferability among the networks via diversity regularizers inspired by determinantal point processes and entropy maximization. Notably, ARMOURED does not rely on generating adversarial samples during training. We demonstrate the robustness of ARMOURED on CIFAR-10 and SVHN datasets against state-of-the-art benchmarks in both the adversarial robust training and the semi-supervised training domains. Experimental results show that under projected gradient descent attacks with bounded ℓ∞ norm, ARMOURED achieves substantial gains in accuracy, while maintaining high accuracy on clean samples.
License type:
Publisher Copyright
Funding Info:
This research is supported by DSO National Laboratories of Singapore