Rethinking Training Schedules for Verifiably Robust Networks
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Go, Hyojun | ko |
| dc.contributor.author | Byun, Junyoung | ko |
| dc.contributor.author | Kim, Changick | ko |
| dc.date.accessioned | 2021-11-29T06:46:34Z | - |
| dc.date.available | 2021-11-29T06:46:34Z | - |
| dc.date.created | 2021-11-24 | - |
| dc.date.created | 2021-11-24 | - |
| dc.date.created | 2021-11-24 | - |
| dc.date.issued | 2021-09 | - |
| dc.identifier.citation | IEEE International Conference on Image Processing (ICIP), pp.464 - 468 | - |
| dc.identifier.issn | 1522-4880 | - |
| dc.identifier.uri | http://hdl.handle.net/10203/289611 | - |
| dc.description.abstract | New and stronger adversarial attacks can threaten existing defenses. This possibility highlights the importance of certified defense methods that train deep neural networks with verifiably robust guarantees. A range of certified defense methods has been proposed to train neural networks with verifiably robustness guarantees, among which Interval Bound Propagation (IBP) and CROWN-IBP have been demonstrated to be the most effective. However, we observe that CROWN-IBP and IBP are suffering from Low Epsilon Overfitting (LEO), a problem arising from their training schedule that increases the input perturbation bound. We show that LEO can yield poor results even for a simple linear classifier. We also investigate the evidence of LEO from experiments under conditions of worsening LEO. Based on these observations, we propose a new training strategy, BatchMix, which mixes various input perturbation bounds in a mini-batch to alleviate the LEO problem. Experimental results on MNIST and CIFAR10 datasets show that BatchMix can make the performance of IBP and CROWN-IBP better by mitigating LEO. | - |
| dc.language | English | - |
| dc.publisher | IEEE Signal Processing Society | - |
| dc.title | Rethinking Training Schedules for Verifiably Robust Networks | - |
| dc.type | Conference | - |
| dc.identifier.wosid | 000819455100094 | - |
| dc.identifier.scopusid | 2-s2.0-85125582310 | - |
| dc.type.rims | CONF | - |
| dc.citation.beginningpage | 464 | - |
| dc.citation.endingpage | 468 | - |
| dc.citation.publicationname | IEEE International Conference on Image Processing (ICIP) | - |
| dc.identifier.conferencecountry | US | - |
| dc.identifier.conferencelocation | Anchorage, Alaska | - |
| dc.identifier.doi | 10.1109/ICIP42928.2021.9506540 | - |
| dc.contributor.localauthor | Kim, Changick | - |
| dc.contributor.nonIdAuthor | Go, Hyojun | - |
| dc.contributor.nonIdAuthor | Byun, Junyoung | - |
- Appears in Collection
- EE-Conference Papers(학술회의논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.