Toward Intrinsic Adversarial Robustness Through Probabilistic Training | IEEE Journals & Magazine | IEEE Xplore

Toward Intrinsic Adversarial Robustness Through Probabilistic Training


Abstract:

Modern deep neural networks have made numerous breakthroughs in real-world applications, yet they remain vulnerable to some imperceptible adversarial perturbations. These...Show More

Abstract:

Modern deep neural networks have made numerous breakthroughs in real-world applications, yet they remain vulnerable to some imperceptible adversarial perturbations. These tailored perturbations can severely disrupt the inference of current deep learning-based methods and may induce potential security hazards to artificial intelligence applications. So far, adversarial training methods have achieved excellent robustness against various adversarial attacks by involving adversarial examples during the training stage. However, existing methods primarily rely on optimizing injective adversarial examples correspondingly generated from natural examples, ignoring potential adversaries in the adversarial domain. This optimization bias can induce the overfitting of the suboptimal decision boundary, which heavily jeopardizes adversarial robustness. To address this issue, we propose Adversarial Probabilistic Training (APT) to bridge the distribution gap between the natural and adversarial examples via modeling the latent adversarial distribution. Instead of tedious and costly adversary sampling to form the probabilistic domain, we estimate the adversarial distribution parameters in the feature level for efficiency. Moreover, we decouple the distribution alignment based on the adversarial probability model and the original adversarial example. We then devise a novel reweighting mechanism for the distribution alignment by considering the adversarial strength and the domain uncertainty. Extensive experiments demonstrate the superiority of our adversarial probabilistic training method against various types of adversarial attacks in different datasets and scenarios.
Published in: IEEE Transactions on Image Processing ( Volume: 32)
Page(s): 3862 - 3872
Date of Publication: 10 July 2023

ISSN Information:

PubMed ID: 37428673

Funding Agency:

Author image of Junhao Dong
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Junhao Dong received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020. He is currently pursuing the M.S. degree in computer science and technology from Sun Yat-sen University, Guangzhou, China. His research interests include adversarial machine learning, few-shot learning, and face recognition.
Junhao Dong received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020. He is currently pursuing the M.S. degree in computer science and technology from Sun Yat-sen University, Guangzhou, China. His research interests include adversarial machine learning, few-shot learning, and face recognition.View more
Author image of Lingxiao Yang
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Lingxiao Yang received the Ph.D. degree from The Hong Kong Polytechnic University, China, in March 2020. His research interests include computer vision and machine learning with a focus on object recognition, video understanding, and brain-inspired computational model.
Lingxiao Yang received the Ph.D. degree from The Hong Kong Polytechnic University, China, in March 2020. His research interests include computer vision and machine learning with a focus on object recognition, video understanding, and brain-inspired computational model.View more
Author image of Yuan Wang
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Yuan Wang received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020, and the M.S. degree in computer technology from Sun Yat-sen University, Guangzhou, China, in 2022. His research interests include person re-identification, image generation, and face recognition.
Yuan Wang received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020, and the M.S. degree in computer technology from Sun Yat-sen University, Guangzhou, China, in 2022. His research interests include person re-identification, image generation, and face recognition.View more
Author image of Xiaohua Xie
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Xiaohua Xie (Member, IEEE) received the Ph.D. degree in applied mathematics from Sun Yat-sen University, China, in 2010. He was an Associate Professor with the Shenzhen Institutes of Advanced Technology (SIAT), Chinese Academy of Sciences. He is currently an Associate Professor with Sun Yat-sen University. His current research interests include image processing, computer vision, pattern recognition, and machine learning.
Xiaohua Xie (Member, IEEE) received the Ph.D. degree in applied mathematics from Sun Yat-sen University, China, in 2010. He was an Associate Professor with the Shenzhen Institutes of Advanced Technology (SIAT), Chinese Academy of Sciences. He is currently an Associate Professor with Sun Yat-sen University. His current research interests include image processing, computer vision, pattern recognition, and machine learning.View more
Author image of Jianhuang Lai
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Jianhuang Lai (Senior Member, IEEE) received the Ph.D. degree in mathematics from Sun Yat-sen University, China, in 1999. In 1989, he joined Sun Yat-sen University as an Assistant Professor, where he is currently a Professor with the School of Computer science and Engineering. He has published over 250 scientific papers in the international journals and conferences on image processing and pattern recognition. His current ...Show More
Jianhuang Lai (Senior Member, IEEE) received the Ph.D. degree in mathematics from Sun Yat-sen University, China, in 1999. In 1989, he joined Sun Yat-sen University as an Assistant Professor, where he is currently a Professor with the School of Computer science and Engineering. He has published over 250 scientific papers in the international journals and conferences on image processing and pattern recognition. His current ...View more

Author image of Junhao Dong
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Junhao Dong received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020. He is currently pursuing the M.S. degree in computer science and technology from Sun Yat-sen University, Guangzhou, China. His research interests include adversarial machine learning, few-shot learning, and face recognition.
Junhao Dong received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020. He is currently pursuing the M.S. degree in computer science and technology from Sun Yat-sen University, Guangzhou, China. His research interests include adversarial machine learning, few-shot learning, and face recognition.View more
Author image of Lingxiao Yang
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Lingxiao Yang received the Ph.D. degree from The Hong Kong Polytechnic University, China, in March 2020. His research interests include computer vision and machine learning with a focus on object recognition, video understanding, and brain-inspired computational model.
Lingxiao Yang received the Ph.D. degree from The Hong Kong Polytechnic University, China, in March 2020. His research interests include computer vision and machine learning with a focus on object recognition, video understanding, and brain-inspired computational model.View more
Author image of Yuan Wang
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Yuan Wang received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020, and the M.S. degree in computer technology from Sun Yat-sen University, Guangzhou, China, in 2022. His research interests include person re-identification, image generation, and face recognition.
Yuan Wang received the B.S. degree in computer science and technology from Fuzhou University, Fuzhou, China, in 2020, and the M.S. degree in computer technology from Sun Yat-sen University, Guangzhou, China, in 2022. His research interests include person re-identification, image generation, and face recognition.View more
Author image of Xiaohua Xie
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Xiaohua Xie (Member, IEEE) received the Ph.D. degree in applied mathematics from Sun Yat-sen University, China, in 2010. He was an Associate Professor with the Shenzhen Institutes of Advanced Technology (SIAT), Chinese Academy of Sciences. He is currently an Associate Professor with Sun Yat-sen University. His current research interests include image processing, computer vision, pattern recognition, and machine learning.
Xiaohua Xie (Member, IEEE) received the Ph.D. degree in applied mathematics from Sun Yat-sen University, China, in 2010. He was an Associate Professor with the Shenzhen Institutes of Advanced Technology (SIAT), Chinese Academy of Sciences. He is currently an Associate Professor with Sun Yat-sen University. His current research interests include image processing, computer vision, pattern recognition, and machine learning.View more
Author image of Jianhuang Lai
School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou, China
Guangdong Province Key Laboratory of Information Security Technology, Guangzhou, China
Key Laboratory of Machine Intelligence and Advanced Computing, Ministry of Education, Guangzhou, China
Jianhuang Lai (Senior Member, IEEE) received the Ph.D. degree in mathematics from Sun Yat-sen University, China, in 1999. In 1989, he joined Sun Yat-sen University as an Assistant Professor, where he is currently a Professor with the School of Computer science and Engineering. He has published over 250 scientific papers in the international journals and conferences on image processing and pattern recognition. His current research interests include computer vision, pattern recognition, and its applications. He serves as the Deputy Director of the Image and Graphics Association of China.
Jianhuang Lai (Senior Member, IEEE) received the Ph.D. degree in mathematics from Sun Yat-sen University, China, in 1999. In 1989, he joined Sun Yat-sen University as an Assistant Professor, where he is currently a Professor with the School of Computer science and Engineering. He has published over 250 scientific papers in the international journals and conferences on image processing and pattern recognition. His current research interests include computer vision, pattern recognition, and its applications. He serves as the Deputy Director of the Image and Graphics Association of China.View more

References

References is not available for this document.