Bibliographic Details
Main Authors: Chen, Erh-Chung, Chen, Pin-Yu, Chung, I-Hsin, Lee, Che-Rung
Format: Preprint
Published: 2024
Online Access: https://arxiv.org/abs/2406.19622
author Chen, Erh-Chung
Chen, Pin-Yu
Chung, I-Hsin
Lee, Che-Rung
contents As deep neural networks (DNNs) are increasingly deployed in sensitive applications, ensuring their security and robustness has become critical. A major threat to DNNs arises from adversarial attacks, where small input perturbations can lead to incorrect predictions. Recent advances in adversarial training improve robustness by incorporating additional examples from external datasets or generative models. However, these methods often incur high computational costs, limiting their practicality and hindering real-world deployment. In this paper, we propose a cost-efficient alternative based on Lipschitz continuity that achieves robustness comparable to models trained with extensive supplementary data. Unlike conventional adversarial training, our method requires only a single pass over the dataset without gradient estimation, making it highly efficient. Furthermore, our method can integrate seamlessly with existing adversarial training frameworks and enhances the robustness of models without requiring extra generative data. Experimental results show that our approach not only reduces computational overhead but also maintains or improves the defensive capabilities of robust neural networks. This work opens a promising direction for developing practical, scalable defenses against adversarial attacks.
format Preprint
id arxiv_https___arxiv_org_abs_2406_19622
institution arXiv
publishDate 2024
record_format arxiv
title Data-Driven Lipschitz Continuity: A Cost-Effective Approach to Improve Adversarial Robustness
topic Machine Learning
Artificial Intelligence
url https://arxiv.org/abs/2406.19622