| dc.contributor | 資訊系 | |
| dc.creator (作者) | 廖文宏 | |
| dc.creator (作者) | Liao, Wen-Hung;Khan, Sarwar;Chen, Jun-Cheng;Chen, Chu-Song | |
| dc.date (日期) | 2023-07 | |
| dc.date.accessioned | 13-Dec-2023 14:16:36 (UTC+8) | - |
| dc.date.available | 13-Dec-2023 14:16:36 (UTC+8) | - |
| dc.date.issued (上傳時間) | 13-Dec-2023 14:16:36 (UTC+8) | - |
| dc.identifier.uri (URI) | https://nccur.lib.nccu.edu.tw/handle/140.119/148734 | - |
| dc.description.abstract (摘要) | Adversarial attacks have become one of the most serious security issues in widely used deep neural networks. Even though real-world datasets usually have large intra-variations or multiple modes, most adversarial defense methods, such as adversarial training, which is currently one of the most effective defense methods, mainly focus on the single-mode setting and thus fail to capture the full data representation to defend against adversarial attacks. To confront this challenge, we propose a novel multi-prototype metric learning regularization for adversarial training which can effectively enhance the defense capability of adversarial training by preventing the latent representation of the adversarial example changing a lot from its clean one. With extensive experiments on CIFAR10, CIFAR100, MNIST, and Tiny ImageNet, the evaluation results show the proposed method improves the performance of different state-of-the-art adversarial training methods without additional computational cost. Furthermore, besides Tiny ImageNet, in the multi-prototype CIFAR10 and CIFAR100 where we reorganize the whole datasets of CIFAR10 and CIFAR100 into two and ten classes, respectively, the proposed method outperforms the state-of-the-art approach by 2.22% and 1.65%, respectively. Furthermore, the proposed multi-prototype method also outperforms its single-prototype version and other commonly used deep metric learning approaches as regularization for adversarial training and thus further demonstrates its effectiveness. | |
| dc.format.extent | 97 bytes | - |
| dc.format.mimetype | text/html | - |
| dc.relation (關聯) | Sensors, Vol.23, No.13, 6173 | |
| dc.subject (關鍵詞) | adversarial attacks; adversarial training; classification; metric learning; multi-mode; prototypes | |
| dc.title (題名) | Towards Adversarial Robustness for Multi-Mode Data through Metric Learning | |
| dc.type (資料類型) | article | |
| dc.identifier.doi (DOI) | 10.3390/s23136173 | |
| dc.doi.uri (DOI) | https://doi.org/10.3390/s23136173 | |
