Mixup Inference: Better Exploiting Mixup to Defend Adversarial Attacks
Authors: Tianyu Pang*, Kun Xu*, Jun Zhu
ICLR 2020
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Our experiments on CIFAR-10 and CIFAR-100 demonstrate that MI can further improve the adversarial robustness for the models trained by mixup and its variants. In this section, we provide the experimental results on CIFAR-10 and CIFAR-100 (Krizhevsky & Hinton, 2009) to demonstrate the effectiveness of our MI methods on defending adversarial attacks. |
| Researcher Affiliation | Collaboration | Tianyu Pang, Kun Xu, Jun Zhu. Dept. of Comp. Sci. & Tech., BNRist Center, Institute for AI, Tsinghua University; RealAI. {pty17,xu-k16}@mails.tsinghua.edu.cn, dcszj@tsinghua.edu.cn |
| Pseudocode | Yes | Algorithm 1 Mixup Inference (MI) (a hedged code sketch of this procedure is given below the table) |
| Open Source Code | Yes | Our codes are available at https://github.com/P2333/Mixup-Inference. |
| Open Datasets | Yes | In experiments, we evaluate MI on CIFAR-10 and CIFAR-100 (Krizhevsky & Hinton, 2009) |
| Dataset Splits | No | The paper mentions using CIFAR-10 and CIFAR-100 for training and testing, but it does not explicitly specify a validation dataset split or its size. |
| Hardware Specification | Yes | Most of our experiments are conducted on the NVIDIA DGX-1 server with eight Tesla P100 GPUs. |
| Software Dependencies | No | The paper does not specify software dependencies with version numbers (e.g., Python, PyTorch, TensorFlow versions). |
| Experiment Setup | Yes | In training, we use ResNet-50 (He et al., 2016) and apply the momentum SGD optimizer (Qian, 1999) on both CIFAR-10 and CIFAR-100. We run the training for 200 epochs with the batch size of 64. The initial learning rate is 0.01 for ERM, mixup and AT; 0.1 for interpolated AT (Lamb et al., 2019). The learning rate decays with a factor of 0.1 at 100 and 150 epochs. (A training-configuration sketch follows the table.) |
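
The paper's Algorithm 1 (Mixup Inference) predicts by repeatedly mixing the test input with sampled clean examples and averaging the model's outputs over those mixed copies. Below is a minimal sketch of that loop, assuming a NumPy-style `model_predict` callable and a pre-built `sample_pool`; the function and parameter names and the illustrative defaults are ours rather than the authors', and variant-specific details (how the pool is chosen for MI-PL vs. MI-OL, and any output correction) follow the paper.

```python
import numpy as np

def mixup_inference(x, model_predict, sample_pool, num_samples=30, lam=0.6):
    """Hedged sketch of Mixup Inference (MI), after Algorithm 1 in the paper.

    x            : one preprocessed test input, e.g. shape (H, W, C).
    model_predict: callable mapping a batch of inputs to softmax probabilities.
    sample_pool  : array of clean examples to mix with; its construction
                   (MI-PL vs. MI-OL) is described in the paper.
    num_samples  : number of mixup draws averaged per prediction (illustrative).
    lam          : mixup ratio lambda applied to the test input (illustrative).
    """
    preds = []
    for _ in range(num_samples):
        # Draw a mixup partner x_s from the sampling pool.
        idx = np.random.randint(len(sample_pool))
        x_s = sample_pool[idx]
        # Mix the (possibly adversarial) input with the sampled clean example.
        x_tilde = lam * x + (1.0 - lam) * x_s
        preds.append(model_predict(x_tilde[None, ...])[0])
    # Average the predictions over all mixed copies.
    return np.mean(preds, axis=0)
```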
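
The quoted training setup (ResNet-50, momentum SGD, 200 epochs, batch size 64, initial learning rate 0.01 or 0.1, decay by a factor of 0.1 at epochs 100 and 150) maps onto a standard step schedule. The sketch below uses PyTorch; the framework choice, the momentum value, and the torchvision ResNet-50 variant are assumptions on our part, since the paper does not state software dependencies (see the Software Dependencies row).

```python
import torch
import torchvision

# Assumption: torchvision's ResNet-50; the authors' exact CIFAR variant is not specified here.
model = torchvision.models.resnet50(num_classes=10)  # 100 for CIFAR-100

optimizer = torch.optim.SGD(
    model.parameters(),
    lr=0.01,        # 0.1 for interpolated AT, per the paper
    momentum=0.9,   # momentum value is an assumption; the paper only names momentum SGD
)
scheduler = torch.optim.lr_scheduler.MultiStepLR(
    optimizer, milestones=[100, 150], gamma=0.1  # decay by 0.1 at epochs 100 and 150
)

for epoch in range(200):
    # ... one pass over the training set with batch size 64 ...
    scheduler.step()
```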