A Mutual Information Regularization for Adversarial Training

Modeste Atsague, Olukorede Fakorede, Jin Tian
Proceedings of The 13th Asian Conference on Machine Learning, PMLR 157:188-203, 2021.

Abstract

Recently, a number of methods have been developed to alleviate the vulnerability of deep neural networks to adversarial examples, among which adversarial training and its variants have been demonstrated to be the most effective empirically. This paper aims to further improve the robustness of adversarial training against adversarial examples. We propose a new training method called mutual information and mean absolute error adversarial training (MIMAE-AT) in which the mutual information between the probabilistic predictions of the natural and the adversarial examples along with the mean absolute error between their logits are used as regularization terms to the standard adversarial training.We conduct experiments and demonstrate that the proposed MIMAE-AT method improves the state-of-the-art on adversarial robustness.

Cite this Paper

BibTeX
@InProceedings{pmlr-v157-atsague21a, title = {A Mutual Information Regularization for Adversarial Training}, author = {Atsague, Modeste and Fakorede, Olukorede and Tian, Jin}, booktitle = {Proceedings of The 13th Asian Conference on Machine Learning}, pages = {188--203}, year = {2021}, editor = {Balasubramanian, Vineeth N. and Tsang, Ivor}, volume = {157}, series = {Proceedings of Machine Learning Research}, month = {17--19 Nov}, publisher = {PMLR}, pdf = {https://proceedings.mlr.press/v157/atsague21a/atsague21a.pdf}, url = {https://proceedings.mlr.press/v157/atsague21a.html}, abstract = {Recently, a number of methods have been developed to alleviate the vulnerability of deep neural networks to adversarial examples, among which adversarial training and its variants have been demonstrated to be the most effective empirically. This paper aims to further improve the robustness of adversarial training against adversarial examples. We propose a new training method called mutual information and mean absolute error adversarial training (MIMAE-AT) in which the mutual information between the probabilistic predictions of the natural and the adversarial examples along with the mean absolute error between their logits are used as regularization terms to the standard adversarial training.We conduct experiments and demonstrate that the proposed MIMAE-AT method improves the state-of-the-art on adversarial robustness.} }
Endnote
%0 Conference Paper %T A Mutual Information Regularization for Adversarial Training %A Modeste Atsague %A Olukorede Fakorede %A Jin Tian %B Proceedings of The 13th Asian Conference on Machine Learning %C Proceedings of Machine Learning Research %D 2021 %E Vineeth N. Balasubramanian %E Ivor Tsang %F pmlr-v157-atsague21a %I PMLR %P 188--203 %U https://proceedings.mlr.press/v157/atsague21a.html %V 157 %X Recently, a number of methods have been developed to alleviate the vulnerability of deep neural networks to adversarial examples, among which adversarial training and its variants have been demonstrated to be the most effective empirically. This paper aims to further improve the robustness of adversarial training against adversarial examples. We propose a new training method called mutual information and mean absolute error adversarial training (MIMAE-AT) in which the mutual information between the probabilistic predictions of the natural and the adversarial examples along with the mean absolute error between their logits are used as regularization terms to the standard adversarial training.We conduct experiments and demonstrate that the proposed MIMAE-AT method improves the state-of-the-art on adversarial robustness.
APA
Atsague, M., Fakorede, O. & Tian, J.. (2021). A Mutual Information Regularization for Adversarial Training. Proceedings of The 13th Asian Conference on Machine Learning, in Proceedings of Machine Learning Research 157:188-203 Available from https://proceedings.mlr.press/v157/atsague21a.html.

Related Material