← Back to papers
2023 AAAI AAAI 2023

Memorization Weights for Instance Reweighting in Adversarial Training

Abstract

Abstract Adversarial training is an effective way to defend deep neural networks (DNN) against adversarial examples. However, there are atypical samples that are rare and hard to learn, or even hurt DNNs' generalization performance on test data. In this paper, we propose a novel algorithm to reweight the training samples based on self-supervised techniques to mitigate the negative effects of the atypical samples. Specifically, a memory bank is built to record the popular samples as prototypes and calculate the memorization weight for each sample, evaluating the "typicalness" of a sample. All the training samples are reweigthed based on the proposed memorization weights to reduce the negative effects of atypical samples. Experimental results show the proposed method is flexible to boost state-of-the-art adversarial training methods, improving both robustness and standard accuracy of DNNs.

🌉 Interdisciplinary Bridge — Artificial Intelligence and Deep Learning and Machine Learning
🧭 Keyword Pioneer — memorization weight
🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Robotics, Security & Privacy, Speech & Audio

Authors

Jianfu Zhang , Yan Hong , Qibin Zhao

Topics

Machine Learning > Learning Types > Adversarial Learning Machine Learning > Learning Types > Self-Supervised Learning Deep Learning > Learning Types > Self-Supervised Learning Artificial Intelligence > Core AI > Adversarial Learning Deep Learning > Learning Types > Adversarial Learning

Keywords

adversarial robustness self-supervised learning adversarial training sample weighting instance reweighting memorization weight
Download PDF

Related papers

A Model-Agnostic Heuristics for Selective Classification 2023
Tackling Safe and Efficient Multi-Agent Reinforcement Learning via Dynamic Shielding (Student Abstract) 2023
Head-Free Lightweight Semantic Segmentation with Linear Transformer 2023
Hierarchical ConViT with Attention-Based Relational Reasoner for Visual Analogical Reasoning 2023
Deep Spiking Neural Networks with High Representation Similarity Model Visual Pathways of Macaque and Mouse 2023