Particle-based Adversarial Local Distribution Regularization

Thanh Nguyen-Duc, Trung Le, He Zhao, Jianfei Cai, Dinh Phung
Proceedings of The 25th International Conference on Artificial Intelligence and Statistics, PMLR 151:5212-5224, 2022.

Abstract

Adversarial training defense (ATD) and virtual adversarial training (VAT) are the two most effective methods to improve model robustness against attacks and model generalization. While ATD is usually applied in robust machine learning, VAT is used in semi-supervised learning and domain adaption. In this paper, we introduce a novel adversarial local distribution regularization. The adversarial local distribution is defined by a set of all adversarial examples within a ball constraint given a natural input. We illustrate this regularization is a general form of previous methods (e.g., PGD, TRADES, VAT and VADA). We conduct comprehensive experiments on MNIST, SVHN and CIFAR10 to illustrate that our method outperforms well-known methods such as PGD, TRADES and ADT in robust machine learning, VAT in semi-supervised learning and VADA in domain adaption. Our implementation is on Github: https://github.com/PotatoThanh/ALD-Regularization.

Cite this Paper

BibTeX
@InProceedings{pmlr-v151-nguyen-duc22a, title = { Particle-based Adversarial Local Distribution Regularization }, author = {Nguyen-Duc, Thanh and Le, Trung and Zhao, He and Cai, Jianfei and Phung, Dinh}, booktitle = {Proceedings of The 25th International Conference on Artificial Intelligence and Statistics}, pages = {5212--5224}, year = {2022}, editor = {Camps-Valls, Gustau and Ruiz, Francisco J. R. and Valera, Isabel}, volume = {151}, series = {Proceedings of Machine Learning Research}, month = {28--30 Mar}, publisher = {PMLR}, pdf = {https://proceedings.mlr.press/v151/nguyen-duc22a/nguyen-duc22a.pdf}, url = {https://proceedings.mlr.press/v151/nguyen-duc22a.html}, abstract = { Adversarial training defense (ATD) and virtual adversarial training (VAT) are the two most effective methods to improve model robustness against attacks and model generalization. While ATD is usually applied in robust machine learning, VAT is used in semi-supervised learning and domain adaption. In this paper, we introduce a novel adversarial local distribution regularization. The adversarial local distribution is defined by a set of all adversarial examples within a ball constraint given a natural input. We illustrate this regularization is a general form of previous methods (e.g., PGD, TRADES, VAT and VADA). We conduct comprehensive experiments on MNIST, SVHN and CIFAR10 to illustrate that our method outperforms well-known methods such as PGD, TRADES and ADT in robust machine learning, VAT in semi-supervised learning and VADA in domain adaption. Our implementation is on Github: https://github.com/PotatoThanh/ALD-Regularization. } }
Endnote
%0 Conference Paper %T Particle-based Adversarial Local Distribution Regularization %A Thanh Nguyen-Duc %A Trung Le %A He Zhao %A Jianfei Cai %A Dinh Phung %B Proceedings of The 25th International Conference on Artificial Intelligence and Statistics %C Proceedings of Machine Learning Research %D 2022 %E Gustau Camps-Valls %E Francisco J. R. Ruiz %E Isabel Valera %F pmlr-v151-nguyen-duc22a %I PMLR %P 5212--5224 %U https://proceedings.mlr.press/v151/nguyen-duc22a.html %V 151 %X Adversarial training defense (ATD) and virtual adversarial training (VAT) are the two most effective methods to improve model robustness against attacks and model generalization. While ATD is usually applied in robust machine learning, VAT is used in semi-supervised learning and domain adaption. In this paper, we introduce a novel adversarial local distribution regularization. The adversarial local distribution is defined by a set of all adversarial examples within a ball constraint given a natural input. We illustrate this regularization is a general form of previous methods (e.g., PGD, TRADES, VAT and VADA). We conduct comprehensive experiments on MNIST, SVHN and CIFAR10 to illustrate that our method outperforms well-known methods such as PGD, TRADES and ADT in robust machine learning, VAT in semi-supervised learning and VADA in domain adaption. Our implementation is on Github: https://github.com/PotatoThanh/ALD-Regularization.
APA
Nguyen-Duc, T., Le, T., Zhao, H., Cai, J. & Phung, D.. (2022). Particle-based Adversarial Local Distribution Regularization . Proceedings of The 25th International Conference on Artificial Intelligence and Statistics, in Proceedings of Machine Learning Research 151:5212-5224 Available from https://proceedings.mlr.press/v151/nguyen-duc22a.html.

Related Material