May 6, 2021

SpywareNews.com

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

Learning to Defend by Learning to Attack. (arXiv:1811.01213v5 [cs.LG] UPDATED)

Adversarial training provides a principled approach for training robust
neural networks. From an optimization perspective, adversarial training is
essentially solving a bilevel optimization problem. The leader problem is
trying to learn a robust classifier, while the follower problem is trying to
generate adversarial samples. Unfortunately, such a bilevel problem is
difficult to solve due to its highly complicated structure. This work proposes
a new adversarial training method based on a generic learning-to-learn (L2L)
framework. Specifically, instead of applying existing hand-designed algorithms
for the inner problem, we learn an optimizer, which is parametrized as a
convolutional neural network. At the same time, a robust classifier is learned
to defense the adversarial attack generated by the learned optimizer.
Experiments over CIFAR-10 and CIFAR-100 datasets demonstrate that L2L
outperforms existing adversarial training methods in both classification
accuracy and computational efficiency. Moreover, our L2L framework can be
extended to generative adversarial imitation learning and stabilize the
training.