Timezone: »

 
Poster
Defense Against Adversarial Attacks Using Feature Scattering-based Adversarial Training
Haichao Zhang · Jianyu Wang

Tue Dec 10 10:45 AM -- 12:45 PM (PST) @ East Exhibition Hall B + C #8
in Algorithms -- Adversarial Learning »

We introduce a feature scattering-based adversarial training approach for improving model robustness against adversarial attacks. Conventional adversarial training approaches leverage a supervised scheme (either targeted or non-targeted) in generating attacks for training, which typically suffer from issues such as label leaking as noted in recent works. Differently, the proposed approach generates adversarial images for training through feature scattering in the latent space, which is unsupervised in nature and avoids label leaking. More importantly, this new approach generates perturbed images in a collaborative fashion, taking the inter-sample relationships into consideration. We conduct analysis on model robustness and demonstrate the effectiveness of the proposed approach through extensively experiments on different datasets compared with state-of-the-art approaches.

Keywords: Adversarial Networks · Algorithms · Deep Learning · Adversarial Learning
[ Paper [ Poster

Author Information

Haichao Zhang (Horizon Robotics)
Jianyu Wang (Baidu USA)

More from the Same Authors