JOURNAL ARTICLE

Towards Model Robustness and Generalization Against Adversarial Examples for Deep Neural Networks

Abstract

Recent years have witnessed the remarkable success of deep neural network (DNN) models across a wide range of applications, including image classification, image generation, object detection and natural language processing. Despite their impressive performance on various learning tasks, DNNs have been shown to be strikingly vulnerable to certain well-crafted adversarial perturbations. While such perturbations are imperceptible to humans, they can easily mislead the predictions of DNNs with high confidence. With the increasing deployment of DNN models in safety-critical scenarios, it becomes crucial to ensure model robustness against potential adversarial attacks. One of the most popular methods for defending against adversarial attacks is adversarial training. In this thesis, we aim to provide a new understanding of adversarial examples and analyze current adversarial training methods from the perspectives of latent representation/distribution, smoothness, optimization and robustness generalization. Moreover, we also analyze the relationship between robustness and generalization. For latent representations of adversarial examples, we focus on how to learn robust representations and a latent distribution that retains more of the structural information of the clean data distribution. For smoothness, we describe two methods to promote the latent and output smoothness of deep neural networks and analyze the relationship between smoothness and robust generalization. For the optimization of adversarial training, we analyze the drawbacks of adversarial training and introduce a better optimization method for it. For robustness generalization, we analyze why robustness generalization is hard to achieve and introduce a simple but effective method to improve the robustness generalization of adversarial training. Finally, we analyze the relationship between robustness and generalization both theoretically and empirically.

Keywords: Adversarial system; Robustness (evolution); Deep neural networks; Artificial neural network; Deep learning; Boosting (machine learning); Generalization


Topics

Adversarial Robustness in Machine Learning (Physical Sciences → Computer Science → Artificial Intelligence)
Ethics and Social Impacts of AI (Social Sciences → Social Sciences → Safety Research)
Explainable Artificial Intelligence (XAI) (Physical Sciences → Computer Science → Artificial Intelligence)

Related Documents

Improving Robustness of Neural Networks Against Adversarial Examples. Martin Gaňo. Brno University of Technology Digital Library (Brno University of Technology), 2020.

Towards robustifying deep neural networks against adversarial, fringe and distorted examples. Vignesh Srinivasan. Deposit Once (Technische Universität Berlin), 2022.

Robustness against adversarial attacks on deep neural networks. Yi-Ling Liu. Spiral (Imperial College London), 2021.