Time-Efficient Evaluation and Enhancement of Adversarial Robustness in Deep Neural Networks

TL;DR

This paper proposes time-efficient methods to evaluate and improve the adversarial robustness of deep neural networks, addressing computational challenges in large-scale model security assessments.

Contribution

It introduces novel approaches that significantly reduce the computational cost of adversarial robustness evaluation and enhancement for large-scale DNNs.

Findings

Reduced evaluation time for adversarial robustness assessments

Improved methods for defending DNNs against adversarial attacks

Scalable techniques applicable to large neural network models

Abstract

With deep neural networks (DNNs) increasingly embedded in modern society, ensuring their safety has become a critical and urgent issue. In response, substantial efforts have been dedicated to the red-blue adversarial framework, where the red team focuses on identifying vulnerabilities in DNNs and the blue team on mitigating them. However, existing approaches from both teams remain computationally intensive, constraining their applicability to large-scale models. To overcome this limitation, this thesis endeavours to provide time-efficient methods for the evaluation and enhancement of adversarial robustness in DNNs.