Fast Adversarial Training against Textual Adversarial Attacks

no code implementations • 23 Jan 2024 • Yichen Yang, Xin Liu, Kun He

Based on the observation that the adversarial perturbations crafted by single-step and multi-step gradient ascent are similar, FAT uses single-step gradient ascent to craft adversarial examples in the embedding space to expedite the training process.

Adversarial Defense Adversarial Robustness

PIAT: Parameter Interpolation based Adversarial Training for Image Classification

no code implementations • 24 Mar 2023 • Kun He, Xin Liu, Yichen Yang, Zhou Qin, Weigao Wen, Hui Xue, John E. Hopcroft

Besides, we suggest to use the Normalized Mean Square Error (NMSE) to further improve the robustness by aligning the clean and adversarial examples.

Classification Image Classification

Robust Textual Embedding against Word-level Adversarial Attacks

1 code implementation • 28 Feb 2022 • Yichen Yang, Xiaosen Wang, Kun He

We attribute the vulnerability of natural language processing models to the fact that similar inputs are converted to dissimilar representations in the embedding space, leading to inconsistent outputs, and we propose a novel robust training method, termed Fast Triplet Metric Learning (FTML).

Attribute Metric Learning

Regional Adversarial Training for Better Robust Generalization

no code implementations • 2 Sep 2021 • Chuanbiao Song, Yanbo Fan, Yichen Yang, Baoyuan Wu, Yiming Li, Zhifeng Li, Kun He

Adversarial training (AT) has been demonstrated as one of the most promising defense methods against various adversarial attacks.

Equality Saturation for Tensor Graph Superoptimization

no code implementations • 5 Jan 2021 • Yichen Yang, Phitchaya Mangpo Phothilimtha, Yisu Remy Wang, Max Willsey, Sudip Roy, Jacques Pienaar

However, we observe that existing approaches for tensor graph superoptimization both in production and research frameworks apply substitutions in a sequential manner.

Neurosymbolic Transformers for Multi-Agent Communication

1 code implementation • NeurIPS 2020 • Jeevana Priya Inala, Yichen Yang, James Paulos, Yewen Pu, Osbert Bastani, Vijay Kumar, Martin Rinard, Armando Solar-Lezama

We study the problem of inferring communication structures that can solve cooperative multi-agent planning problems while minimizing the amount of communication.

Adversarial Training with Fast Gradient Projection Method against Synonym Substitution based Text Attacks

1 code implementation • 9 Aug 2020 • Xiaosen Wang, Yichen Yang, Yihe Deng, Kun He

Adversarial training is the most empirically successful approach in improving the robustness of deep neural networks for image classification. For text classification, however, existing synonym substitution based adversarial attacks are effective but not efficient to be incorporated into practical text adversarial training.

Adversarial Attack Image Classification +2

Natural Language Adversarial Defense through Synonym Encoding

1 code implementation • 15 Sep 2019 • Xiaosen Wang, Hao Jin, Yichen Yang, Kun He

In the area of natural language processing, deep learning models are recently known to be vulnerable to various types of adversarial perturbations, but relatively few works are done on the defense side.

Adversarial Attack Adversarial Defense

Correctness Verification of Neural Networks

1 code implementation • 3 Jun 2019 • Yichen Yang, Martin Rinard

The presented framework also enables detecting illegal inputs -- inputs that are not contained in (or close to) the target input space as defined by the state space and observation process (the neural network is not designed to work on them), so that we can flag when we don't have guarantees.