dc.contributor.author: Perez, Juan C.
dc.contributor.author: Alfarra, Motasem
dc.contributor.author: Jeanneret, Guillaume
dc.contributor.author: Rueda, Laura
dc.contributor.author: Thabet, Ali Kassem
dc.contributor.author: Ghanem, Bernard
dc.contributor.author: Arbelaez, Pablo
dc.date.accessioned: 2022-03-30T09:41:02Z
dc.date.available: 2021-08-02T11:24:35Z
dc.date.available: 2022-03-30T09:41:02Z
dc.date.issued: 2021-10
dc.identifier.citation: Perez, J. C., Alfarra, M., Jeanneret, G., Rueda, L., Thabet, A., Ghanem, B., & Arbelaez, P. (2021). Enhancing Adversarial Robustness via Test-time Transformation Ensembling. 2021 IEEE/CVF International Conference on Computer Vision Workshops (ICCVW). doi:10.1109/iccvw54120.2021.00015
dc.identifier.isbn: 9781665401913
dc.identifier.issn: 1550-5499
dc.identifier.doi: 10.1109/iccvw54120.2021.00015
dc.identifier.uri: http://hdl.handle.net/10754/670356
dc.description.abstract: Deep learning models are prone to being fooled by imperceptible perturbations known as adversarial attacks. In this work, we study how equipping models with Test-time Transformation Ensembling (TTE) can work as a reliable defense against such attacks. While transforming the input data, both at train and test times, is known to enhance model performance, its effects on adversarial robustness have not been studied. Here, we present a comprehensive empirical study of the impact of TTE, in the form of widely-used image transforms, on adversarial robustness. We show that TTE consistently improves model robustness against a variety of powerful attacks without any need for re-training, and that this improvement comes at virtually no trade-off with accuracy on clean samples. Finally, we show that the benefits of TTE transfer even to the certified robustness domain, in which TTE provides sizable and consistent improvements.
dc.description.sponsorship: This work was partially supported by the King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research.
dc.publisher: IEEE
dc.relation.url: https://ieeexplore.ieee.org/document/9607771/
dc.rights: Archived with thanks to IEEE
dc.title: Enhancing Adversarial Robustness via Test-time Transformation Ensembling
dc.type: Conference Paper
dc.contributor.department: Computer, Electrical and Mathematical Science and Engineering (CEMSE) Division
dc.contributor.department: Electrical and Computer Engineering
dc.contributor.department: Electrical and Computer Engineering Program
dc.contributor.department: GCR - Award Administration
dc.contributor.department: Integrative Activities
dc.contributor.department: Office of Competitive Research Funds
dc.contributor.department: VCC Analytics Research Group
dc.contributor.department: Visual Computing Center (VCC)
dc.conference.date: 2021-10-11 to 2021-10-17
dc.conference.name: 18th IEEE/CVF International Conference on Computer Vision Workshops, ICCVW 2021
dc.conference.location: Virtual, Online, CAN
dc.eprint.version: Pre-print
dc.contributor.institution: Universidad de los Andes, Center for Research and Formation in Artificial Intelligence
dc.identifier.volume: 2021-October
dc.identifier.pages: 81-91
dc.identifier.arxivid: 2107.14110
kaust.person: Perez, Juan C.
kaust.person: Alfarra, Motasem
kaust.person: Thabet, Ali Kassem
kaust.person: Ghanem, Bernard
dc.identifier.eid: 2-s2.0-85122450860
refterms.dateFOA: 2021-08-02T11:25:18Z
kaust.acknowledged.supportUnit: Office of Sponsored Research


Files in this item

Name: Preprintfile1.pdf
Size: 4.185Mb
Format: PDF
Description: Pre-print
