Achieving Adversarial Robustness Requires an Active Teacher

Achieving Adversarial Robustness Requires an Active Teacher

Year:    2021

Author:    Chao Ma, Lexing Ying

Journal of Computational Mathematics, Vol. 39 (2021), Iss. 6 : pp. 880–896

Abstract

A new understanding of adversarial examples and adversarial robustness is proposed by decoupling the data generator and the label generator (which we call the teacher). In our framework, adversarial robustness is a conditional concept — the student model is not absolutely robust, but robust with respect to the teacher. Based on the new understanding, we claim that adversarial examples exist because the student cannot obtain sufficient information of the teacher from the training data. Various ways of achieving robustness is compared. Theoretical and numerical evidence shows that to efficiently attain robustness, a teacher that actively provides its information to the student may be necessary.

You do not have full access to this article.

Already a Subscriber? Sign in as an individual or via your institution

Journal Article Details

Publisher Name:    Global Science Press

Language:    English

DOI:    https://doi.org/10.4208/jcm.2105-m2020-0310

Journal of Computational Mathematics, Vol. 39 (2021), Iss. 6 : pp. 880–896

Published online:    2021-01

AMS Subject Headings:   

Copyright:    COPYRIGHT: © Global Science Press

Pages:    17

Keywords:    Adversarial robustness Decoupled supervised learning Active teacher.

Author Details

Chao Ma

Lexing Ying

  1. LDN-RC: a lightweight denoising network with residual connection to improve adversarial robustness

    Chai, Xiuli

    Wei, Tongtong

    Chen, Zhen

    He, Xin

    Gan, Zhihua

    Wu, Xiangjun

    (2022)

    https://doi.org/10.1007/s10489-022-03847-z [Citations: 1]