AutoJoin: Efficient Adversarial Training against Gradient-Free Perturbations for Robust Maneuvering via Denoising Autoencoder and Joint Learning

TL;DR

AutoJoin is a novel gradient-free adversarial training method that enhances robustness of image-based maneuvering models against perturbations, significantly improving performance and efficiency through joint learning of denoising and control tasks.

Contribution

The paper introduces AutoJoin, a denoising autoencoder-based adversarial training approach that achieves superior robustness and efficiency for perception-to-control systems without relying on gradient-based attacks.

Findings

Up to 40% performance improvement against perturbations.

Up to 300% improvement on clean data performance.

Reduces training time by 86% and data requirements by 90%.

Abstract

With the growing use of machine learning algorithms and ubiquitous sensors, many `perception-to-control' systems are being developed and deployed. To ensure their trustworthiness, improving their robustness through adversarial training is one potential approach. We propose a gradient-free adversarial training technique, named AutoJoin, to effectively and efficiently produce robust models for image-based maneuvering. Compared to other state-of-the-art methods with testing on over 5M images, AutoJoin achieves significant performance increases up to the 40% range against perturbations while improving on clean performance up to 300%. AutoJoin is also highly efficient, saving up to 86% time per training epoch and 90% training data over other state-of-the-art techniques. The core idea of AutoJoin is to use a decoder attachment to the original regression model creating a denoising autoencoder within the architecture. This architecture allows the tasks `maneuvering' and `denoising sensor input' to be jointly learnt and reinforce each other's performance.