TL;DR
This paper investigates whether increasing shape bias in neural networks enhances their robustness against universal adversarial perturbations, finding that it does not significantly improve robustness but ensemble methods can help.
Contribution
The study provides a comprehensive analysis of the adversarial robustness of shape-biased models and proposes ensemble strategies to improve universal adversarial robustness.
Findings
Shape-biased models do not significantly improve adversarial robustness.
Ensembles of texture and shape-biased models enhance robustness.
Universal adversarial perturbations affect models regardless of shape bias.
Abstract
Increasing shape-bias in deep neural networks has been shown to improve robustness to common corruptions and noise. In this paper we analyze the adversarial robustness of texture and shape-biased models to Universal Adversarial Perturbations (UAPs). We use UAPs to evaluate the robustness of DNN models with varying degrees of shape-based training. We find that shape-biased models do not markedly improve adversarial robustness, and we show that ensembles of texture and shape-biased models can improve universal adversarial robustness while maintaining strong performance.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
