Notice: The reproducibility variables underlying each score are classified using an automated LLM-based pipeline, validated against a manually labeled dataset. LLM-based classification introduces uncertainty and potential bias; scores should be interpreted as estimates. Full accuracy metrics and methodology are described in Coakley et alK. L. Coakley, T. Snelleman, H. Hoos, and O. E. Gundersen, "The embrace of open science: An analysis of a decade of AI research and 56 800 conference papers," Under Review, 2026..
Democratic Training Against Universal Adversarial Perturbations
Authors: Bing Sun, Jun Sun, Wei Zhao
ICLR 2025 | Venue PDF | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Democratic Training is evaluated with 7 neural networks trained on 5 benchmark datasets and 5 types of state-of-the-art universal adversarial attack methods. The results show that it effectively reduces the attack success rate, improves model robustness and preserves the model accuracy on clean samples. |
| Researcher Affiliation | Academia | Bing Sun Singapore Management University EMAIL Jun Sun Singapore Management University EMAIL Wei Zhao Singapore Management University EMAIL |
| Pseudocode | Yes | Algorithm 1: Remove(I, N, m, ϵ) 1 for n epochs do 2 for each batch b do 3 Ien b Sample Generator(Ib, N, m, ϵ); 4 L(i, ien) = αLcce(ien) + (1 α)Lcce(i); 5 J(θ) = L(.) 6 θ θ γθ SGD(J(θ)); 7 return θ; Algorithm 2: Sample Generator(I, N, m, ϵ) 1 for m iterations do 2 L(i) = H(i); 4 sign( i L(i)); 4 i = Clamp(i, ϵ); 5 return i; |
| Open Source Code | Yes | Our approach has been implemented as a self-contained toolkit in Python and is open-sourced (https://gitlab.com/sunbing7/democratic_training). |
| Open Datasets | Yes | We conduct our experiments with 7 neural network models trained over 5 benchmark datasets: 1) Image Net (Deng et al., 2009), 2) ASL Alphabet (Sau, 2018), 3) Caltech101 (Li et al., 2022), 4) Euro SAT (Helber et al., 2019) and 5) CIFAR-10 (Krizhevsky, 2009). |
| Dataset Splits | Yes | Image Net (Deng et al., 2009): The Image Net 2012 dataset, also known as the ILSVRC 2012 (Image Net Large Scale Visual Recognition Challenge), is a large-scale dataset used for visual object recognition tasks. It contains over 1.2 million images for training, 50,000 for validation, and 100,000 for testing. |
| Hardware Specification | Yes | All experiments are conducted on a machine with 96-Core 1.4GHz CPU and 60GB system memory with an NVIDIA 24GB RTX 4090 GPU. |
| Software Dependencies | No | The paper mentions 'Py Torch (Paszke et al., 2019)' and 'implemented as a self-contained toolkit in Python' but does not provide specific version numbers for these or other critical software components. |
| Experiment Setup | Yes | When applying Democratic Training, we focus on the last pooling or dense layer for the entropy calculation... A small set of clean data ( 5% of the training set) is used during the model enhancement. Algorithm 1 details parameters like 'n epochs' and 'm iterations'. Parameter α (0, 1) controls the trade-off between the effectiveness of UAP removal and performance on unperturbed inputs during the optimization process. In Appendix 8.4, specific ϵ values (5/255, 10/255, 15/255) are used for generating UAPs. |