The Quantitative Relationship between Adversarial Training and Robustness of CNN Model

Jie Wang; Minyan Lu; Jun Ai; Xueyuan Sun

doi:10.1109/DSA51864.2020.00092

The Quantitative Relationship between Adversarial Training and Robustness of CNN Model

Jie Wang
, Minyan Lu
, Jun Ai^*
, Xueyuan Sun

^*Corresponding author for this work

School of Reliability and Systems Engineering

Beihang University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

With the increasing application of deep neural networks in security-critical systems, robustness becomes an important property for deep learning. However, deep neural networks are very vulnerable to perturbations, especially adversarial attacks. The adversarial training by adding adversarial examples to the training set has become a common method to improve the performance of deep neural networks. In this paper, based on the existing robustness metrics and indicators, we study the quantitative influence of adversarial training on the robustness of network-in-network and residual network, and the differences of indicators are compared. The experimental results show that adversarial training can affect the accuracy and robustness of CNN models, and the variation trends of testing accuracy and robustness are opposite.

Original language	English
Title of host publication	Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	543-549
Number of pages	7
ISBN (Electronic)	9780738124223
DOIs	https://doi.org/10.1109/DSA51864.2020.00092
State	Published - Nov 2020
Event	7th International Conference on Dependable Systems and Their Applications, DSA 2020 - Virtual, Xi�an, China Duration: 28 Nov 2020 → 29 Nov 2020

Publication series

Name	Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020

Conference

Conference	7th International Conference on Dependable Systems and Their Applications, DSA 2020
Country/Territory	China
City	Virtual, Xi�an
Period	28/11/20 → 29/11/20

Keywords

adversarial examples
deep neural network
global adversarial robustness
local adversarial robustness
robustness

Access to Document

10.1109/DSA51864.2020.00092

Cite this

Wang, J., Lu, M., Ai, J., & Sun, X. (2020). The Quantitative Relationship between Adversarial Training and Robustness of CNN Model. In Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020 (pp. 543-549). Article 9331112 (Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DSA51864.2020.00092

Wang, Jie ; Lu, Minyan ; Ai, Jun et al. / The Quantitative Relationship between Adversarial Training and Robustness of CNN Model. Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020. Institute of Electrical and Electronics Engineers Inc., 2020. pp. 543-549 (Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020).

@inproceedings{fde76061c6ae4f48a7b765423b33f55b,

title = "The Quantitative Relationship between Adversarial Training and Robustness of CNN Model",

abstract = "With the increasing application of deep neural networks in security-critical systems, robustness becomes an important property for deep learning. However, deep neural networks are very vulnerable to perturbations, especially adversarial attacks. The adversarial training by adding adversarial examples to the training set has become a common method to improve the performance of deep neural networks. In this paper, based on the existing robustness metrics and indicators, we study the quantitative influence of adversarial training on the robustness of network-in-network and residual network, and the differences of indicators are compared. The experimental results show that adversarial training can affect the accuracy and robustness of CNN models, and the variation trends of testing accuracy and robustness are opposite.",

keywords = "adversarial examples, deep neural network, global adversarial robustness, local adversarial robustness, robustness",

author = "Jie Wang and Minyan Lu and Jun Ai and Xueyuan Sun",

note = "Publisher Copyright: {\textcopyright} 2020 IEEE.; 7th International Conference on Dependable Systems and Their Applications, DSA 2020 ; Conference date: 28-11-2020 Through 29-11-2020",

year = "2020",

month = nov,

doi = "10.1109/DSA51864.2020.00092",

language = "英语",

series = "Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "543--549",

booktitle = "Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020",

address = "美国",

}

Wang, J, Lu, M, Ai, J & Sun, X 2020, The Quantitative Relationship between Adversarial Training and Robustness of CNN Model. in Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020., 9331112, Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020, Institute of Electrical and Electronics Engineers Inc., pp. 543-549, 7th International Conference on Dependable Systems and Their Applications, DSA 2020, Virtual, Xi�an, China, 28/11/20. https://doi.org/10.1109/DSA51864.2020.00092

The Quantitative Relationship between Adversarial Training and Robustness of CNN Model. / Wang, Jie; Lu, Minyan; Ai, Jun et al.
Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020. Institute of Electrical and Electronics Engineers Inc., 2020. p. 543-549 9331112 (Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - The Quantitative Relationship between Adversarial Training and Robustness of CNN Model

AU - Wang, Jie

AU - Lu, Minyan

AU - Ai, Jun

AU - Sun, Xueyuan

PY - 2020/11

Y1 - 2020/11

N2 - With the increasing application of deep neural networks in security-critical systems, robustness becomes an important property for deep learning. However, deep neural networks are very vulnerable to perturbations, especially adversarial attacks. The adversarial training by adding adversarial examples to the training set has become a common method to improve the performance of deep neural networks. In this paper, based on the existing robustness metrics and indicators, we study the quantitative influence of adversarial training on the robustness of network-in-network and residual network, and the differences of indicators are compared. The experimental results show that adversarial training can affect the accuracy and robustness of CNN models, and the variation trends of testing accuracy and robustness are opposite.

AB - With the increasing application of deep neural networks in security-critical systems, robustness becomes an important property for deep learning. However, deep neural networks are very vulnerable to perturbations, especially adversarial attacks. The adversarial training by adding adversarial examples to the training set has become a common method to improve the performance of deep neural networks. In this paper, based on the existing robustness metrics and indicators, we study the quantitative influence of adversarial training on the robustness of network-in-network and residual network, and the differences of indicators are compared. The experimental results show that adversarial training can affect the accuracy and robustness of CNN models, and the variation trends of testing accuracy and robustness are opposite.

KW - adversarial examples

KW - deep neural network

KW - global adversarial robustness

KW - local adversarial robustness

KW - robustness

UR - https://www.scopus.com/pages/publications/85100528022

U2 - 10.1109/DSA51864.2020.00092

DO - 10.1109/DSA51864.2020.00092

M3 - 会议稿件

AN - SCOPUS:85100528022

T3 - Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020

SP - 543

EP - 549

BT - Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 7th International Conference on Dependable Systems and Their Applications, DSA 2020

Y2 - 28 November 2020 through 29 November 2020

ER -

Wang J, Lu M, Ai J, Sun X. The Quantitative Relationship between Adversarial Training and Robustness of CNN Model. In Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020. Institute of Electrical and Electronics Engineers Inc. 2020. p. 543-549. 9331112. (Proceedings - 2020 7th International Conference on Dependable Systems and Their Applications, DSA 2020). doi: 10.1109/DSA51864.2020.00092

The Quantitative Relationship between Adversarial Training and Robustness of CNN Model

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this