ClusTR: Clustering Training for Robustness

Thumbnail
Name:
Preprintfile1.pdf
Size:
1.229Mb
Format:
PDF
Description:
Pre-print
Download
Type
Preprint
Authors
Alfarra, Motasem
Pérez, Juan C.
Bibi, Adel cc
Thabet, Ali Kassem cc
Arbeláez, Pablo
Ghanem, Bernard cc
KAUST Department
Electrical Engineering
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
Electrical Engineering Program
Visual Computing Center (VCC)
KAUST.
Date
2020-06-13
Permanent link to this record
http://hdl.handle.net/10754/666190

Metadata
Show full item record
Abstract
This paper studies how encouraging semantically-aligned features during deep neural network training can increase network robustness. Recent works observed that Adversarial Training leads to robust models, whose learnt features appear to correlate with human perception. Inspired by this connection from robustness to semantics, we study the complementary connection: from semantics to robustness. To do so, we provide a tight robustness certificate for distance-based classification models (clustering-based classifiers), which we leverage to propose ClusTR (Clustering Training for Robustness), a clustering-based and adversary-free training framework to learn robust models. Interestingly, ClusTR outperforms adversarially-trained networks by up to 4\% under strong PGD attacks. Moreover, it can be equipped with simple and fast adversarial training to improve the current state-of-the-art in robustness by 16\%-29\% on CIFAR10, SVHN, and CIFAR100.
Publisher
arXiv
arXiv
2006.07682
Additional Links
https://arxiv.org/pdf/2006.07682
Collections
Preprints; Electrical Engineering Program; Visual Computing Center (VCC); Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division