Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
EXPLOITING DOUBLY ADVERSARIAL EXAMPLES FOR IMPROVING ADVERSARIAL ROBUSTNESS
- Authors
- Byun, Junyoung; Go, Hyojun; Cho, Seungju; Kim, Changick
- Issue Date
- 2022
- Publisher
- IEEE
- Keywords
- Adversarial training; Robustness
- Citation
- 2022 IEEE INTERNATIONAL CONFERENCE ON IMAGE PROCESSING, ICIP, pp 1331 - 1335
- Pages
- 5
- Journal Title
- 2022 IEEE INTERNATIONAL CONFERENCE ON IMAGE PROCESSING, ICIP
- Start Page
- 1331
- End Page
- 1335
- ISSN
- 1522-4880
- Abstract
- Deep neural networks have shown outstanding performance in various areas, but adversarial examples can easily fool them. Although strong adversarial attacks have defeated diverse adversarial defense methods, adversarial training, which augments training data with adversarial examples, remains an effective defense strategy. To further improve adversarial robustness, this paper exploits adversarial examples of adversarial examples. We observe that these doubly adversarial examples tend to return to the original prediction on the clean images but sometimes drift toward other classes. From this finding, we propose a regularization loss that prevents these drifts, which mitigates the vulnerability against multi-targeted attacks. Experimental results on the CIFAR-10 and CIFAR-100 datasets empirically show that the proposed loss improves adversarial robustness.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - ETC > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.