Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial Training
It is of significant importance for any classification and recognition system, which claims near or better than human performance to be immune to small perturbations in the dataset. Researchers found out that neural networks are not very robust to small perturbations and can easily be fooled to pers...
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2016-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/7795200/ |
| id |
doaj-1d1a9520926d4b029069122640b77591 |
|---|---|
| record_format |
Article |
| spelling |
doaj-1d1a9520926d4b029069122640b775912021-03-29T19:49:00ZengIEEEIEEE Access2169-35362016-01-0149501951110.1109/ACCESS.2016.26436787795200Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial TrainingSheikh Waqas Akhtar0https://orcid.org/0000-0001-7085-7905Saad Rehman1Mahmood Akhtar2Muazzam A. Khan3Farhan Riaz4Qaiser Chaudry5Rupert Young6National University of Sciences and Technology, Islamabad, PakistanNational University of Sciences and Technology, Islamabad, PakistanNational University of Sciences and Technology, Islamabad, PakistanNational University of Sciences and Technology, Islamabad, PakistanNational University of Sciences and Technology, Islamabad, PakistanGeorgia Institute of Technology, Atlanta, GA, USAUniversity of Sussex, Brighton, U.K.It is of significant importance for any classification and recognition system, which claims near or better than human performance to be immune to small perturbations in the dataset. Researchers found out that neural networks are not very robust to small perturbations and can easily be fooled to persistently misclassify by adding a particular class of noise in the test data. This, so-called adversarial noise severely deteriorates the performance of neural networks, which otherwise perform really well on unperturbed dataset. It has been recently proposed that neural networks can be made robust against adversarial noise by training them using the data corrupted with adversarial noise itself. Following this approach, in this paper, we propose a new mechanism to generate a powerful adversarial noise model based on K-support norm to train neural networks. We tested our approach on two benchmark datasets, namely the MNIST and STL-10, using muti-layer perceptron and convolutional neural networks. Experimental results demonstrate that neural networks trained with the proposed technique show significant improvement in robustness as compared to state-of-the-art techniques.https://ieeexplore.ieee.org/document/7795200/K-Support normrobutnessgeneralizationconvolutional neural networksadversarial |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Sheikh Waqas Akhtar Saad Rehman Mahmood Akhtar Muazzam A. Khan Farhan Riaz Qaiser Chaudry Rupert Young |
| spellingShingle |
Sheikh Waqas Akhtar Saad Rehman Mahmood Akhtar Muazzam A. Khan Farhan Riaz Qaiser Chaudry Rupert Young Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial Training IEEE Access K-Support norm robutness generalization convolutional neural networks adversarial |
| author_facet |
Sheikh Waqas Akhtar Saad Rehman Mahmood Akhtar Muazzam A. Khan Farhan Riaz Qaiser Chaudry Rupert Young |
| author_sort |
Sheikh Waqas Akhtar |
| title |
Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial Training |
| title_short |
Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial Training |
| title_full |
Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial Training |
| title_fullStr |
Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial Training |
| title_full_unstemmed |
Improving the Robustness of Neural Networks Using K-Support Norm Based Adversarial Training |
| title_sort |
improving the robustness of neural networks using k-support norm based adversarial training |
| publisher |
IEEE |
| series |
IEEE Access |
| issn |
2169-3536 |
| publishDate |
2016-01-01 |
| description |
It is of significant importance for any classification and recognition system, which claims near or better than human performance to be immune to small perturbations in the dataset. Researchers found out that neural networks are not very robust to small perturbations and can easily be fooled to persistently misclassify by adding a particular class of noise in the test data. This, so-called adversarial noise severely deteriorates the performance of neural networks, which otherwise perform really well on unperturbed dataset. It has been recently proposed that neural networks can be made robust against adversarial noise by training them using the data corrupted with adversarial noise itself. Following this approach, in this paper, we propose a new mechanism to generate a powerful adversarial noise model based on K-support norm to train neural networks. We tested our approach on two benchmark datasets, namely the MNIST and STL-10, using muti-layer perceptron and convolutional neural networks. Experimental results demonstrate that neural networks trained with the proposed technique show significant improvement in robustness as compared to state-of-the-art techniques. |
| topic |
K-Support norm robutness generalization convolutional neural networks adversarial |
| url |
https://ieeexplore.ieee.org/document/7795200/ |
| work_keys_str_mv |
AT sheikhwaqasakhtar improvingtherobustnessofneuralnetworksusingksupportnormbasedadversarialtraining AT saadrehman improvingtherobustnessofneuralnetworksusingksupportnormbasedadversarialtraining AT mahmoodakhtar improvingtherobustnessofneuralnetworksusingksupportnormbasedadversarialtraining AT muazzamakhan improvingtherobustnessofneuralnetworksusingksupportnormbasedadversarialtraining AT farhanriaz improvingtherobustnessofneuralnetworksusingksupportnormbasedadversarialtraining AT qaiserchaudry improvingtherobustnessofneuralnetworksusingksupportnormbasedadversarialtraining AT rupertyoung improvingtherobustnessofneuralnetworksusingksupportnormbasedadversarialtraining |
| _version_ |
1724195591382106112 |