Adversarial Learning with Margin-based Triplet Embedding Regularization [article]

Yaoyao Zhong, Weihong Deng
2019 arXiv pre-print
Deep neural networks (DNNs) have achieved great success on a variety of computer vision tasks; however, they are highly vulnerable to adversarial attacks. To address this problem, we propose to improve the local smoothness of the representation space by integrating a margin-based triplet embedding regularization term into the classification objective, so that the obtained model learns to resist adversarial examples. The regularization term consists of two-step optimizations which find ... ntial perturbations and punish them by a large margin in an iterative way. Experimental results on MNIST, CASIA-WebFace, VGGFace2 and MS-Celeb-1M reveal that our approach increases the robustness of the network against both feature and label adversarial attacks in simple object classification and deep face recognition.
arXiv:1909.09481v1 fatcat:tc2ttjpbcbgq7dsgex25lhvqz4