A Simple Structure For Building A Robust Model

TL;DR

This paper introduces a simple neural network architecture that enhances robustness against adversarial attacks by incorporating an adversarial sample detection network and a multi-attack data sampling strategy, validated on CIFAR-10.

Contribution

The paper proposes a novel, straightforward architecture with an integrated adversarial detection network and a multi-attack sampling method to improve model robustness against various adversarial attacks.

Findings

Improved robustness on CIFAR-10 dataset.

Effective detection of adversarial samples.

Single training process adapts to multiple attacks.

Abstract

As deep learning applications, especially programs of computer vision, are increasingly deployed in our lives, we have to think more urgently about the security of these applications.One effective way to improve the security of deep learning models is to perform adversarial training, which allows the model to be compatible with samples that are deliberately created for use in attacking the model.Based on this, we propose a simple architecture to build a model with a certain degree of robustness, which improves the robustness of the trained network by adding an adversarial sample detection network for cooperative training. At the same time, we design a new data sampling strategy that incorporates multiple existing attacks, allowing the model to adapt to many different adversarial attacks with a single training.We conducted some experiments to test the effectiveness of this design based on Cifar10 dataset, and the results indicate that it has some degree of positive effect on the robustness of the model.Our code could be found at https://github.com/dowdyboy/simple_structure_for_robust_model .