A Useful Taxonomy for Adversarial Robustness of Neural Networks

Abstract

Adversarial attacks and defenses are currently active areas of research for the deep learning community. A recent review paper divided the defense approaches into three categories: gradient masking, robust optimization, and adversarial example detection. We divide gradient masking and robust optimization differently: (1) increasing intra-class compactness and inter-class separation of the feature vectors improves adversarial robustness, and (2) marginalization or removal of non-robust image features also improves adversarial robustness. By reframing these topics differently, we provide a fresh perspective that provides insight into the underlying factors that enable training more robust networks and can help inspire.

Document Details

Document Type: Technical Report
Publication Date: Jan 20, 2021
Accession Number: AD1120719

Entities

People

  • Leslie N. Smith

Organizations

  • United States Naval Research Laboratory

Tags

DTIC Thesaurus Topics

  • Artificial Intelligence
  • Artificial Intelligence Computing
  • Artificial Intelligence Software
  • Change Detection
  • Computer Programming
  • Computer Vision
  • Computers
  • Deep Learning
  • Department Of Defense
  • Detection
  • Detectors
  • Dimensionality Reduction
  • Generative Models
  • Information Operations
  • Information Systems
  • Learning
  • Machine Learning
  • Military Research
  • Models
  • Neural Networks
  • Optimization
  • Pattern Recognition
  • Preprocessing
  • Reasoning
  • Recognition
  • Taxonomy

Fields of Study

  • Computer science

Readers

  • Adaptive Control and Estimation with Uncertainty in Dynamic Systems.
  • Computer Vision.
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • AI & ML - Neural Networks