CAT: Customized Adversarial Training for Improved Robustness
Minhao Cheng, Qi Lei, Pin-Yu Chen, Inderjit Dhillon, Cho-Jui Hsieh
TL;DR
This paper introduces Customized Adversarial Training (CAT), an adaptive method that improves neural network robustness by customizing perturbation levels and labels for each sample, leading to better accuracy.
Contribution
The paper presents a novel adaptive adversarial training algorithm that enhances robustness and generalization over existing methods.
Findings
Achieves higher clean and robust accuracy than previous methods
Effectively customizes perturbation levels and labels per sample
Demonstrates superior performance through extensive experiments
Abstract
Adversarial training has become one of the most effective methods for improving robustness of neural networks. However, it often suffers from poor generalization on both clean and perturbed data. In this paper, we propose a new algorithm, named Customized Adversarial Training (CAT), which adaptively customizes the perturbation level and the corresponding label for each training sample in adversarial training. We show that the proposed algorithm achieves better clean and robust accuracy than previous adversarial training methods through extensive experiments.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications · Machine Learning and Data Classification