Addressing Neural Network Robustness with Mixup and Targeted Labeling Adversarial Training

TL;DR

This paper introduces M-TLAT, a novel data augmentation method combining Mixup and targeted adversarial training, significantly improving neural network robustness against various corruptions and attacks without sacrificing accuracy.

Contribution

The paper presents M-TLAT, a new data augmentation strategy that integrates Mixup with Targeted Labeling Adversarial Training to enhance neural network robustness.

Findings

Increases robustness to nineteen common corruptions.

Improves resistance to five adversarial attacks.

Maintains accuracy on clean samples.

Abstract

Despite their performance, Artificial Neural Networks are not reliable enough for most of industrial applications. They are sensitive to noises, rotations, blurs and adversarial examples. There is a need to build defenses that protect against a wide range of perturbations, covering the most traditional common corruptions and adversarial examples. We propose a new data augmentation strategy called M-TLAT and designed to address robustness in a broad sense. Our approach combines the Mixup augmentation and a new adversarial training algorithm called Targeted Labeling Adversarial Training (TLAT). The idea of TLAT is to interpolate the target labels of adversarial examples with the ground-truth labels. We show that M-TLAT can increase the robustness of image classifiers towards nineteen common corruptions and five adversarial attacks, without reducing the accuracy on clean samples.