Understanding Adversarial Training: Increasing Local Stability of Neural Nets through Robust Optimization

17 Nov 2015  ·  Uri Shaham, Yutaro Yamada, Sahand Negahban ·

We propose a general framework for increasing local stability of Artificial Neural Nets (ANNs) using Robust Optimization (RO). We achieve this through an alternating minimization-maximization procedure, in which the loss of the network is minimized over perturbed examples that are generated at each parameter update. We show that adversarial training of ANNs is in fact robustification of the network optimization, and that our proposed framework generalizes previous approaches for increasing local stability of ANNs. Experimental results reveal that our approach increases the robustness of the network to existing adversarial examples, while making it harder to generate new ones. Furthermore, our algorithm improves the accuracy of the network also on the original test data.

PDF Abstract

Code
Add Remove Mark official

No code implementations yet. Submit your code now

Tasks
Add Remove

Datasets

  Add Datasets introduced or used in this paper

Results from the Paper
Add Remove

  Submit results from this paper to get state-of-the-art GitHub badges and help the community compare results to other papers.

Methods
Add Remove

No methods listed for this paper. Add relevant methods here
Contact us on: hello@paperswithcode.com . Papers With Code is a free resource with all data licensed under CC-BY-SA.
Terms Data policy Cookies policy