Cost-Sensitive Robustness against Adversarial Examples
Authors: Xiao Zhang, David Evans
ICLR 2019
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Our experiments on simple MNIST and CIFAR10 models with a variety of cost matrices show that the proposed approach can produce models with substantially reduced cost-sensitive robust error, while maintaining classification accuracy. |
| Researcher Affiliation | Academia | Xiao Zhang, Department of Computer Science, University of Virginia, xz7bc@virginia.edu; David Evans, Department of Computer Science, University of Virginia, evans@virginia.edu |
| Pseudocode | No | The paper does not contain any explicit pseudocode or algorithm blocks. |
| Open Source Code | Yes | Our implementation, including code for reproducing all our experiments, is available as open source code at https://github.com/xiaozhanguva/Cost-Sensitive-Robustness. |
| Open Datasets | Yes | We evaluate the performance of our cost-sensitive robustness training method on models for two benchmark image classification datasets: MNIST (LeCun et al., 2010) and CIFAR10 (Krizhevsky & Hinton, 2009). |
| Dataset Splits | Yes | For both datasets, the relevant family of attacks is specified as all the adversarial perturbations that are bounded in an ℓ∞-norm ball... For both our cost-sensitive robust model and the overall robust model, we randomly split the 60,000 training samples into five folds of equal size, and train the classifier over 60 epochs on four of them using the Adam optimizer (Kingma & Ba, 2015) with batch size 50 and learning rate 0.001. We treat the remaining fold as a validation dataset for model selection. (A sketch of this split and optimizer setup is given after the table.) |
| Hardware Specification | No | The paper does not provide specific details about the hardware used for experiments (e.g., CPU, GPU models, RAM). |
| Software Dependencies | No | The paper mentions using the 'Adam optimizer' (Kingma & Ba, 2015) and 'SGD', but does not specify software versions for programming languages, libraries, or frameworks (e.g., Python, TensorFlow, PyTorch versions). |
| Experiment Setup | Yes | For MNIST, we use the same convolutional neural network architecture (LeCun et al., 1998), which includes two convolutional layers, with 16 and 32 filters respectively, and two fully-connected layers, consisting of 100 and 10 hidden units respectively. ReLU activations are applied to each layer except the last one... train the classifier over 60 epochs on four of them using the Adam optimizer (Kingma & Ba, 2015) with batch size 50 and learning rate 0.001. We use the ϵ-scheduling and learning rate decay techniques, where we increase ϵ from 0.05 to the desired value linearly over the first 20 epochs and decay the learning rate by 0.5 every 10 epochs for the remaining epochs. (A sketch of this architecture and the two schedules is given after the table.) |
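
The split described in the Dataset Splits row can be reproduced with standard tooling. The following is a minimal PyTorch sketch, not the authors' released code: it randomly partitions the 60,000 MNIST training samples into five equal folds, trains on four, and holds out one for model selection. The random seed and the choice of held-out fold are illustrative assumptions not stated in the quote.

```python
# Minimal sketch (not the authors' implementation) of the five-fold split
# described in the Dataset Splits row. Seed and held-out fold are illustrative.
import torch
from torch.utils.data import DataLoader, Subset
from torchvision import datasets, transforms

train_set = datasets.MNIST("./data", train=True, download=True,
                           transform=transforms.ToTensor())

# Randomly permute the 60,000 training indices and split into five folds of 12,000.
perm = torch.randperm(len(train_set), generator=torch.Generator().manual_seed(0))
folds = perm.chunk(5)

val_fold = 4                                  # held-out fold (arbitrary choice)
val_idx = folds[val_fold].tolist()
train_idx = torch.cat([f for i, f in enumerate(folds) if i != val_fold]).tolist()

# Batch size 50, as quoted; the validation loader is used only for model selection.
train_loader = DataLoader(Subset(train_set, train_idx), batch_size=50, shuffle=True)
val_loader   = DataLoader(Subset(train_set, val_idx),   batch_size=50, shuffle=False)
```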
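
Similarly, the Experiment Setup row pins down the MNIST architecture and the two training schedules. The sketch below is a hedged reconstruction rather than the released code: kernel sizes, strides, and the flattened dimension are not given in the quote (the values here are common small-CNN choices), the target ϵ of 0.1 is illustrative, and the certified cost-sensitive robust loss itself is elided.

```python
# Minimal sketch (not the authors' implementation) of the MNIST model and
# schedules quoted in the Experiment Setup row: conv layers with 16 and 32
# filters, fully-connected layers with 100 and 10 units, ReLU after every
# layer except the last, a linear epsilon ramp over the first 20 epochs, and
# learning-rate decay by 0.5 every 10 epochs thereafter. Kernel size, stride,
# flattened dimension, and the target epsilon are assumptions.
import torch.nn as nn
import torch.optim as optim

model = nn.Sequential(
    nn.Conv2d(1, 16, 4, stride=2, padding=1), nn.ReLU(),   # 28x28 -> 14x14
    nn.Conv2d(16, 32, 4, stride=2, padding=1), nn.ReLU(),  # 14x14 -> 7x7
    nn.Flatten(),
    nn.Linear(32 * 7 * 7, 100), nn.ReLU(),
    nn.Linear(100, 10),
)

optimizer = optim.Adam(model.parameters(), lr=1e-3)         # batch size 50 elsewhere

eps_start, eps_target, epochs = 0.05, 0.1, 60               # eps_target is illustrative

for epoch in range(epochs):
    if epoch < 20:
        # Increase epsilon linearly from 0.05 to the target over the first 20 epochs.
        eps = eps_start + (eps_target - eps_start) * epoch / 19
    else:
        eps = eps_target
        # For the remaining epochs, decay the learning rate by 0.5 every 10 epochs.
        if epoch % 10 == 0:
            for group in optimizer.param_groups:
                group["lr"] *= 0.5

    # ... per-batch training with the certified (cost-sensitive) robust loss
    #     at perturbation radius eps would go here ...
```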