Enhancing Adversarial Robustness of Deep Neural Networks Through Supervised Contrastive Learning

TL;DR

This paper introduces a new framework combining supervised contrastive learning and margin-based contrastive loss to improve the adversarial robustness of deep neural networks, demonstrated on CIFAR-100 with ResNet-18.

Contribution

It proposes a novel combination of supervised contrastive learning and margin-based contrastive loss to enhance feature space structure and decision boundary robustness against adversarial attacks.

Findings

Improved adversarial accuracy under FGSM attacks on CIFAR-100.

Enhanced feature clustering within classes and separation between classes.

Robust decision boundaries with well-defined margins.

Abstract

Adversarial attacks exploit the vulnerabilities of convolutional neural networks by introducing imperceptible perturbations that lead to misclassifications, exposing weaknesses in feature representations and decision boundaries. This paper presents a novel framework combining supervised contrastive learning and margin-based contrastive loss to enhance adversarial robustness. Supervised contrastive learning improves the structure of the feature space by clustering embeddings of samples within the same class and separating those from different classes. Margin-based contrastive loss, inspired by support vector machines, enforces explicit constraints to create robust decision boundaries with well-defined margins. Experiments on the CIFAR-100 dataset with a ResNet-18 backbone demonstrate robustness performance improvements in adversarial accuracy under Fast Gradient Sign Method attacks.