Adversarial Self-Supervised Contrastive Learning
Minseon Kim, Jihoon Tack, Sung Ju Hwang
TL;DR
This paper introduces RoCL, a self-supervised contrastive learning method that trains neural networks to be robust against adversarial attacks without using class labels, achieving competitive robustness and transferability.
Contribution
The paper proposes a novel self-supervised adversarial training framework that does not require class labels, improving robustness and transferability of neural networks.
Findings
RoCL achieves comparable robust accuracy to supervised methods.
RoCL significantly improves robustness against black box and unseen attacks.
Joint fine-tuning enhances the model's robustness further.
Abstract
Existing adversarial learning approaches mostly use class labels to generate adversarial samples that lead to incorrect predictions, which are then used to augment the training of the model for improved robustness. While some recent works propose semi-supervised adversarial learning methods that utilize unlabeled data, they still require class labels. However, do we really need class labels at all, for adversarially robust training of deep neural networks? In this paper, we propose a novel adversarial attack for unlabeled data, which makes the model confuse the instance-level identities of the perturbed data samples. Further, we present a self-supervised contrastive learning framework to adversarially train a robust neural network without labeled data, which aims to maximize the similarity between a random augmentation of a data sample and its instance-wise adversarial perturbation. We…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Domain Adaptation and Few-Shot Learning · Anomaly Detection Techniques and Applications