L 1-norm double backpropagation adversarial defense

Ga\"elle Loosli (LIMOS); Isma\"ila Seck (LIMOS; LITIS); Stephane Canu (LITIS)

arxiv: 1903.01715 · v1 · pith:T772FK5Cnew · submitted 2019-03-05 · 💻 cs.LG · cs.NE

L 1-norm double backpropagation adversarial defense

Isma\"ila Seck (LIMOS , LITIS) , Ga\"elle Loosli (LIMOS) , Stephane Canu (LITIS) This is my paper

classification 💻 cs.LG cs.NE

keywords adversarialwhenaloneattacksbackpropagationbecomesbehavescarefully

0 comments

read the original abstract

Adversarial examples are a challenging open problem for deep neural networks. We propose in this paper to add a penalization term that forces the decision function to be at in some regions of the input space, such that it becomes, at least locally, less sensitive to attacks. Our proposition is theoretically motivated and shows on a first set of carefully conducted experiments that it behaves as expected when used alone, and seems promising when coupled with adversarial training.

This paper has not been read by Pith yet.

L 1-norm double backpropagation adversarial defense

discussion (0)