0% Complete
Home
/
13th International Conference on Computer and Knowledge Engineering
A large input-space-margin approach for adversarial training
Authors :
Reihaneh Nikouei
1
Mohammad Taheri
2
1- Department of Computer Science and Engineering, Shiraz University, Shiraz, Iran.
2- Department of Computer Science and Engineering, Shiraz University, Shiraz, Iran.
Keywords :
Adversarial attack،Large margin،Input space،Defense method
Abstract :
It is shown that machine learning models are vulnerable to adversarial attacks. Therefore, different defense methods such as adversarial training have been proposed to improve models’ robustness against these attacks. Some recent approaches proposed to structurally improve the robustness of the models. For example, large margin methods try to increase a margin, empty of instances, along decision boundaries that structurally increase necessary change to modify a training instance to an adversarial one. However, nonlinear large-margin models, maximize the margin in a high dimensional space although adversarial examples are generated with a little change in the original space. In this paper, a novel mixed approach is proposed, called LIM (Large Input Margin) to improve the robustness of the model by minimizing both structural and empirical risks. Specifically, both training and adversarial example generation are done based on a loss function to maximize the margin in the original feature space even in a non-linear model. The proposed method is evaluated with FGSM and PGD attacks on MNIST and CIFAR10 datasets. The experimental results show that LIM method outperforms the state-of-the-art defense methods significantly and improves adversarial robustness against FGSM and PGD attacks on both datasets.
Papers List
List of archived papers
Uncertainty-Aware Deep Ensembles for Confident Customer Churn Prediction with Rejection Option
Fatemeh Moradi - Mehran Tarif - Mohammadhossein Homaei
SGFL: A Federated Learning Approach for Non-IID Data Using Semi-Supervised DCGAN
Alireza Rabiee - Abolfazl Ajdarloo - Mohsen Rahmani
Analysis of Insect-plant Interactions Affected by Mining operations, A Graph Mining Approach
Mohammad Heydari - Ali Bayat - Amir Albadvi
Deep Learning-Driven Beamforming Optimization for High-Performance 5G Planar Antenna Arrays
Rahman Mohammadi - Seyed Reza Razavi Pour
Blind Load-Balancing Algorithm using Double-Q-learning in the Fog Environment
Niloofar Tahmasebi pouya - Mehdi Agha Sarram
AI-Driven Relocation Tracking in Dynamic Kitchen Environments
Arash Nasr Esfahani - Hamed Hosseini - Mehdi Tale Masouleh - Ahmad Kalhor - Hedieh Sajedi
Time Series Analysis by Bi-GRU for Forecasting Bitcoin Trends based on Sentiment Analysis
Fatemeh Saadatmand - Mohammad Ali Zare Chahoki
A Robust Network for Embedded Traffic Sign Recognation.
Omid Nejati Manzari - Shahriar Baradaran Shokouhi
Fast and Accurate Motif Discovery in Protein Sequences Using Parallel Processing with OpenMP
Rahele Mohammadi - Mahmoud Naghibzadeh - Abdorreza Savadi
Optimizing Question-Answering Framework Through Integration of Text Summarization Model and Third-Generation Generative Pre-Trained Transformer
Ervin Gubin Moung - Toh Sin Tong - Maisarah Mohd Sufian - Valentino Liaw - Ali Farzamnia - Farashazillah Yahya
more
Samin Hamayesh - Version 43.7.0
