Kavli Affiliate: Ran Wang
| First 5 Authors: Haojing Shen, Sihong Chen, Ran Wang, Xizhao Wang,
| Summary:
In this paper, we propose a defence strategy to improve adversarial
robustness by incorporating hidden layer representation. The key of this
defence strategy aims to compress or filter input information including
adversarial perturbation. And this defence strategy can be regarded as an
activation function which can be applied to any kind of neural network. We also
prove theoretically the effectiveness of this defense strategy under certain
conditions. Besides, incorporating hidden layer representation we propose three
types of adversarial attacks to generate three types of adversarial examples,
respectively. The experiments show that our defence method can significantly
improve the adversarial robustness of deep neural networks which achieves the
state-of-the-art performance even though we do not adopt adversarial training.
| Search Query: ArXiv Query: search_query=au:”Ran Wang”&id_list=&start=0&max_results=10