Towards Efficient Training and Evaluation of Robust Models against l0 Bounded Adversarial Perturbations
Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review
Author(s)
Related Research Unit(s)
Detail(s)
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 41st International Conference on Machine Learning |
| Publisher | ML Research Press |
| Pages | 61708-61726 |
| Publication status | Published - 2024 |
Publication series
| Name | Proceedings of Machine Learning Research |
|---|---|
| Volume | 235 |
| ISSN (Print) | 2640-3498 |
Conference
| Title | 41st International Conference on Machine Learning (ICML 2024) |
|---|---|
| Location | Messe Wien Exhibition Congress Center |
| Place | Austria |
| City | Vienna |
| Period | 21 - 27 July 2024 |
Link(s)
| Document Link | Links
|
|---|---|
| Link to Scopus | https://www.scopus.com/record/display.uri?eid=2-s2.0-85203806438&origin=recordpage |
| Permanent Link | https://scholars.cityu.edu.hk/en/publications/publication(e640f9fc-6b4e-4f11-8330-05f2372d0b6c).html |
Abstract
This work studies sparse adversarial perturbations bounded by $l_0$ norm. We propose a white-box PGD-like attack method named sparse-PGD to effectively and efficiently generate such perturbations. Furthermore, we combine sparse-PGD with a black-box attack to comprehensively and more reliably evaluate the models' robustness against $l_0$ bounded adversarial perturbations. Moreover, the efficiency of sparse-PGD enables us to conduct adversarial training to build robust models against sparse perturbations. Extensive experiments demonstrate that our proposed attack algorithm exhibits strong performance in different scenarios. More importantly, compared with other robust models, our adversarially trained model demonstrates state-of-the-art robustness against various sparse attacks. Codes are available at https://github.com/CityU-MLO/sPGD.
© 2024 by the author(s).
© 2024 by the author(s).
Citation Format(s)
Towards Efficient Training and Evaluation of Robust Models against l0 Bounded Adversarial Perturbations. / Zhong, Xuyang; Huang, Yixiao; Liu, Chen.
Proceedings of the 41st International Conference on Machine Learning. ML Research Press, 2024. p. 61708-61726 (Proceedings of Machine Learning Research; Vol. 235).
Proceedings of the 41st International Conference on Machine Learning. ML Research Press, 2024. p. 61708-61726 (Proceedings of Machine Learning Research; Vol. 235).
Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review
