
Related papers: Multi-stage Optimization based Adversarial Trainin…

200 papers

Although fast adversarial training has demonstrated both robustness and efficiency, the problem of "catastrophic overfitting" has been observed. This is a phenomenon in which, during single-step adversarial training, the robust accuracy…

Machine Learning · Computer Science · 2020-12-16 · Hoki Kim, Woojin Lee, Jaewook Lee

There has been a recent surge in single-step adversarial training as it shows robustness and efficiency. However, a phenomenon referred to as "catastrophic overfitting" has been observed, which is prevalent in single-step defenses and may…

Machine Learning · Computer Science · 2022-10-12 · Zhuorong Li, Daiwei Yu

Single-step adversarial training (AT) has received wide attention as it proved to be both efficient and robust. However, a serious problem of catastrophic overfitting exists, i.e., the robust accuracy against projected gradient descent…

Machine Learning · Computer Science · 2022-03-23 · Tao Li, Yingwen Wu, Sizhe Chen, Kun Fang, Xiaolin Huang

While adversarial training and its variants have shown to be the most effective algorithms to defend against adversarial attacks, their extremely slow training process makes it hard to scale to large datasets like ImageNet. The key idea of…

Machine Learning · Computer Science · 2022-06-07 · Zhichao Huang, Yanbo Fan, Chen Liu, Weizhong Zhang, Yong Zhang, Mathieu Salzmann, Sabine Süsstrunk, Jue Wang

Adversarial examples have become one of the largest challenges that machine learning models, especially neural network classifiers, face. These adversarial examples break the assumption of attack-free scenario and fool state-of-the-art…

Machine Learning · Computer Science · 2020-02-28 · Guanxiong Liu, Issa Khalil, Abdallah Khreishah

Standard adversarial training approaches suffer from robust overfitting where the robust accuracy decreases when models are adversarially trained for too long. The origin of this problem is still unclear and conflicting explanations have…

Machine Learning · Computer Science · 2022-11-28 · Muhammad Zaid Hameed, Beat Buesser

While adversarial training is an effective defense method against adversarial attacks, it notably increases the training cost. To this end, fast adversarial training (FAT) is presented for efficient training and has become a hot research…

Computer Vision and Pattern Recognition · Computer Science · 2024-09-27 · Jie Gui, Chengze Jiang, Minjing Dong, Kun Tong, Xinli Shi, Yuan Yan Tang, Dacheng Tao

Self-ensemble adversarial training methods improve model robustness by ensembling models at different training epochs, such as model weight averaging (WA). However, previous research has shown that self-ensemble defense methods in…

Machine Learning · Computer Science · 2024-06-21 · Zhaozhe Hu, Jia-Li Yin, Bin Chen, Luojun Lin, Bo-Hao Chen, Ximeng Liu

Fast adversarial training (FAT) is beneficial for improving the adversarial robustness of neural networks. However, previous FAT work has encountered a significant issue known as catastrophic overfitting when dealing with large perturbation…

Machine Learning · Computer Science · 2023-08-25 · Mengnan Zhao, Lihe Zhang, Yuqiu Kong, Baocai Yin

Adversarial training is arguably the most popular way to provide empirical robustness against specific adversarial examples. While variants based on multi-step attacks incur significant computational overhead, single-step variants are…

Machine Learning · Computer Science · 2025-03-25 · Alessandro De Palma, Serge Durand, Zakaria Chihani, François Terrier, Caterina Urban

Adversarial training and its many variants substantially improve deep network robustness, yet at the cost of compromising standard accuracy. Moreover, the training process is heavy and hence it becomes impractical to thoroughly explore the…

Computer Vision and Pattern Recognition · Computer Science · 2020-11-11 · Haotao Wang, Tianlong Chen, Shupeng Gui, Ting-Kuei Hu, Ji Liu, Zhangyang Wang

Adversarial training is an effective defense method to protect classification models against adversarial attacks. However, one limitation of this approach is that it can require orders of magnitude additional training time due to high cost…

Machine Learning · Computer Science · 2020-07-03 · Haizhong Zheng, Ziqi Zhang, Juncheng Gu, Honglak Lee, Atul Prakash

Adversarial training can improve the robustness of neural networks. Previous methods focus on a single adversarial training strategy and do not consider the model property trained by different strategies. By revisiting the previous methods,…

Computer Vision and Pattern Recognition · Computer Science · 2023-03-28 · Xingbin Liu, Huafeng Kuang, Xianming Lin, Yongjian Wu, Rongrong Ji

Adversarial training is so far the most effective strategy in defending against adversarial examples. However, it suffers from high computational costs due to the iterative adversarial attacks in each training step. Recent studies show that…

Machine Learning · Computer Science · 2022-01-03 · Jinghui Chen, Yu Cheng, Zhe Gan, Quanquan Gu, Jingjing Liu

Adversarial training (AT) with projected gradient descent is the most popular method to improve model robustness under adversarial attacks. However, computational overheads become prohibitively large when AT is applied to large backbone…

Machine Learning · Computer Science · 2025-08-26 · Quanwei Wu, Jun Guo, Wei Wang, Yi Wang

Adversarial training, as one of the most effective defense methods against adversarial attacks, tends to learn an inclusive decision boundary to increase the robustness of deep learning models. However, due to the large and unnecessary…

Computer Vision and Pattern Recognition · Computer Science · 2022-07-19 · Xiaoyu Liang, Yaguan Qian, Jianchang Huang, Xiang Ling, Bin Wang, Chunming Wu, Wassim Swaileh

Fast adversarial training (FAT) is an efficient method to improve robustness. However, the original FAT suffers from catastrophic overfitting, which dramatically and suddenly reduces robustness after a few training epochs. Although various…

Machine Learning · Computer Science · 2023-04-07 · Xiaojun Jia, Yong Zhang, Xingxing Wei, Baoyuan Wu, Ke Ma, Jue Wang, Xiaochun Cao

Recent studies have shown that robustness to adversarial attacks can be transferred across networks. In other words, we can make a weak model more robust with the help of a strong teacher model. We ask if instead of learning from a static…

Machine Learning · Computer Science · 2023-02-13 · Jiang Liu, Chun Pong Lau, Hossein Souri, Soheil Feizi, Rama Chellappa

Adversarial training (AT) is one of the most effective strategies for promoting model robustness. However, recent benchmarks show that most of the proposed improvements on AT are less effective than simply early stopping the training…

Machine Learning · Computer Science · 2021-04-01 · Tianyu Pang, Xiao Yang, Yinpeng Dong, Hang Su, Jun Zhu

Although fast adversarial training provides an efficient approach for building robust networks, it may suffer from a serious problem known as catastrophic overfitting (CO), where multi-step robust accuracy suddenly collapses to zero. In…

Machine Learning · Computer Science · 2023-03-27 · Zhengbao He, Tao Li, Sizhe Chen, Xiaolin Huang