SOAR: 二阶对抗正则化

Apr, 2020

Adversarial Robustness through Regularization: A Second-Order Approach

Avery Ma, Fartash Faghri, Amir-massoud Farahmand

TL;DR本文提出了一种新颖的正则化方法SOAR，它是基于强健优化架构中内向最大值的Taylor近似推导的上界，实验证明其在对抗样本的生成和鲁棒性上能够显著提高深度神经网络的性能。

Abstract

adversarial training is a common approach to improving the robustness of deep neural networks against adversarial examples. In this work, we propose a novel →