Adaptive Retraining for Neural Network Robustness in Classification

Neural network robustness has been a hot research topic since the discovery of adversarial examples. With the increasing threats posed by adversarial examples in safety-critical AI applications, the research problem of how to boost the robustness of neural networks has drawn even more attention in r...

Full description

Saved in:
Bibliographic Details
Main Authors: Yao, Ruozhu, Huang, Chengqiang, Hu, Zheng, Pei, Ke
Format: Conference Proceeding
Language:English
Subjects:
Machine learning
Neural networks
Perturbation methods
Robustness
Subspace constraints
Toy manufacturing industry
Training
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Neural network robustness has been a hot research topic since the discovery of adversarial examples. With the increasing threats posed by adversarial examples in safety-critical AI applications, the research problem of how to boost the robustness of neural networks has drawn even more attention in recent years. In this paper, we argue that existing methods for neural network robustness optimization primarily focus on increasing the minimum adversarial perturbation of individual datum while neglecting the purpose of the target machine learning task, i.e., classification. Consequently, we propose a neural network retraining method which implicitly enhances a model's capability in maximizing the minimum distance from data instances of all classes to the decision boundary. As demonstrated by the experiments, our method succeeds in improving the robustness of pre-trained neural networks within only a few retraining epochs while imposing little negative effect on classification accuracy, thus being applicable for online optimization of neural networks.
ISSN:2161-4407
DOI:10.1109/IJCNN52387.2021.9534294