Name
Title | ||
|---|---|---|
Lightweight Lipschitz Margin Training for Certified Defense against Adversarial Examples. |
Abstract | ||
|---|---|---|
How can we make machine learning provably robust against adversarial examples in a scalable way? Since certified defense methods, which ensure $epsilon$-robust, consume huge resources, they can only achieve small degree of robustness in practice. Lipschitz margin training (LMT) is a scalable certified defense, but it can also only achieve small robustness due to over-regularization. How can we make certified defense more efficiently? We present LC-LMT, a light weight Lipschitz margin training which solves the above problem. Our method has the following properties; (a) efficient: it can achieve $epsilon$-robustness at early epoch, and (b) robust: it has a potential to get higher robustness than LMT. In the evaluation, we demonstrate the benefits of the proposed method. LC-LMT can achieve required robustness more than 30 epoch earlier than LMT in MNIST, and shows more than 90 $%$ accuracy against both legitimate and adversarial inputs. |
Year | Venue | DocType |
|---|---|---|
2018 | arXiv: Learning | Journal |
Volume | Citations | PageRank |
abs/1811.08080 | 0 | 0.34 |
References | Authors | |
0 | 3 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Hajime Ono | 1 | 0 | 1.69 |
| Tsubasa Takahashi | 2 | 1 | 1.03 |
| Kazuya Kakizaki | 3 | 0 | 2.37 |