Improving Adversarial Robustness via Feature Pattern Consistency Constraint
Authors: Jiacong Hu, Jingwen Ye, Zunlei Feng, Jiazhen Yang, Shunyu Liu, Xiaotian Yu, Lingxiang Jia, Mingli Song
IJCAI 2024 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Our experiments demonstrate that the FPCC method empowers latent features to uphold correct feature patterns even in the face of adversarial examples, resulting in inherent adversarial robustness surpassing state-of-the-art models. |
| Researcher Affiliation | Academia | Jiacong Hu1,3,4 , Jingwen Ye5 , Zunlei Feng2,3,4, , Jiazhen Yang2 , Shunyu Liu1 , Xiaotian Yu1 , Lingxiang Jia1 and Mingli Song1,3,4 1College of Computer Science and Technology, Zhejiang University 2School of Software Technology, Zhejiang University 3State Key Laboratory of Blockchain and Security, Zhejiang University 4Hangzhou High-Tech Zone (Binjiang) Institute of Blockchain and Data Security 5National University of Singapore |
| Pseudocode | Yes | Algorithm 1 Training Model with PRO |
| Open Source Code | No | The paper does not contain any explicit statement about releasing source code or a link to a code repository. |
| Open Datasets | Yes | We conducted experiments using two widely utilized datasets: CIFAR-10 [Krizhevsky, 2009] and CIFAR-100 [Krizhevsky, 2009]. |
| Dataset Splits | No | The paper mentions using CIFAR-10 and CIFAR-100 datasets but does not explicitly provide specific training, validation, or test dataset splits or a reference to how these splits were defined. |
| Hardware Specification | No | The paper does not provide specific details about the hardware used for running experiments, such as GPU models, CPU models, or cloud computing specifications. |
| Software Dependencies | No | The paper does not provide specific ancillary software details, such as library names with version numbers, needed to replicate the experiment. |
| Experiment Setup | Yes | The total loss in PRO is given as: L = LCE + λ X l N L(l) P T = i=1 LCE,i + λ l N L(l) P T,i i=1 log( exp(zi[yi]) PK k=1 exp(zi[k]) ) + λ l N ||p(l) i d(l) yi ||1, (11) where λ is a balancing factor for the two losses. The entire PRO process is end-to-end, as shown in Algorithm 1. |