Adversarial training is one of the most effective approaches defending against adversarial examples for deep learning models. Unlike other defense strategies, adversarial training aims to promote the robustness of models intrinsically. During the last few years, adversarial training has been studied and discussed from various aspects. A variety of improvements and developments of adversarial training are proposed, which were, however, neglected in existing surveys. For the first time in this survey, we systematically review the recent progress on adversarial training for adversarial robustness with a novel taxonomy. Then we discuss the generalization problems in adversarial training from three perspectives. Finally, we highlight the challenges which are not fully tackled and present potential future directions.
翻译:对抗性培训是防止激烈学习模式的对抗性实例的最有效方法之一。与其他防御性战略不同,对抗性培训的目的是从本质上促进各种模式的稳健性。在过去几年里,对敌对性培训进行了多方面的研究和讨论。提出了各种改进和发展敌对性培训的建议,但现有调查忽略了这些改进和发展。我们第一次在本次调查中系统地审查了最近为对抗性强健性进行对抗性培训的进展情况,并用一种新的分类法。然后我们从三个角度讨论了对抗性培训的一般化问题。最后,我们强调了尚未充分解决的挑战,并提出了今后可能的方向。
相关内容
微信扫码咨询专知VIP会员