Robust Proxy: Improving Adversarial Robustness by Robust Proxy Learning

TL;DR

This paper introduces Robust Proxy Learning, a novel training framework that enhances adversarial robustness of deep neural networks by explicitly learning robust feature representations through class-wise robust proxies.

Contribution

It proposes a new method to generate class-representative robust features and uses them as proxies to improve adversarial robustness, filling a gap in understanding robust feature learning.

Findings

The method can generate class-representative robust features.

Robust Proxy Learning increases the adversarial robustness of DNNs.

Extensive experiments verify the effectiveness of the approach.

Abstract

Recently, it has been widely known that deep neural networks are highly vulnerable and easily broken by adversarial attacks. To mitigate the adversarial vulnerability, many defense algorithms have been proposed. Recently, to improve adversarial robustness, many works try to enhance feature representation by imposing more direct supervision on the discriminative feature. However, existing approaches lack an understanding of learning adversarially robust feature representation. In this paper, we propose a novel training framework called Robust Proxy Learning. In the proposed method, the model explicitly learns robust feature representations with robust proxies. To this end, firstly, we demonstrate that we can generate class-representative robust features by adding class-wise robust perturbations. Then, we use the class representative features as robust proxies. With the class-wise robust features, the model explicitly learns adversarially robust features through the proposed robust proxy learning framework. Through extensive experiments, we verify that we can manually generate robust features, and our proposed learning framework could increase the robustness of the DNNs.