CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 13054 > Article
Poster
10 June 2024 Practical considerations for adversarial training
Roger C. Sengphanith, Diego Marez, Shibin Parameswaran
Author Affiliations +
Proceedings Volume 13054, Assurance and Security for AI-enabled Systems; 130540S (2024) https://doi.org/10.1117/12.3023037
Event: SPIE Defense + Commercial Sensing, 2024, National Harbor, Maryland, United States
Conference Poster
Abstract
Susceptibility to adversarial attacks is an issue that plagues many deep neural networks. One method to protect against these attacks is adversarial training (AT), which injects adversarially modified examples into training data, in order to achieve adversarial robustness. By exposing the model to malignant data during training, the model learns to not get fooled by them during inference time. Although, AT is accepted to be the de facto defense against adversarial attacks, questions still remain when using it for practical applications. In this work, we address some of these questions: What ratio of original-to-adversarial in the training set is needed to make them effective?, Does model robustness from one type of AT generalize to another attack?, and Does the AT data ratio and generalization vary depending on model complexity? We attempt to answer these questions using carefully crafted experiments using CIFAR10 dataset and ResNet models with varying complexity.
© (2024) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Roger C. Sengphanith, Diego Marez, and Shibin Parameswaran "Practical considerations for adversarial training", Proc. SPIE 13054, Assurance and Security for AI-enabled Systems, 130540S (10 June 2024); https://doi.org/10.1117/12.3023037
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 POSTER
DOWNLOAD POSTER SAVE TO MY LIBRARY
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Data modeling
Adversarial training
Education and training
Tumor growth modeling
Defense and security
Neural networks
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top