Adversarial examples for fooling deep learning models have been studied for several years and are still a hot topic. Adversarial training also receives enormous attention because of its effectiveness in defending adversarial examples. However, adversarial training is not perfect, many questions of which remain to solve. During the last few years, researchers in this community have studied and discussed adversarial training from various aspects. Many new theories and understandings of adversarial training have been proposed. In this survey, we systematically review the recent progress on adversarial training for the first time, categorized by different improvements. Then we discuss the generalization problems in adversarial training from three perspectives. Finally, we highlight the challenges which are not fully solved and present potential future directions.
翻译:欺骗深层次学习模式的对立实例已经研究多年,仍然是一个热门话题,反对立培训也因其在辩护对抗性实例方面的有效性而引起极大关注,但对抗性培训并不完美,许多问题仍有待解决。在过去几年中,这一社区的研究人员从各方面研究和讨论了对抗性培训,提出了许多关于对抗性培训的新理论和新理解。在这次调查中,我们首次系统地审查了对抗性培训的最新进展,按不同改进分类。然后,我们从三个角度讨论了对抗性培训的一般化问题。最后,我们强调了尚未完全解决的挑战,并提出了潜在的未来方向。
相关内容
微信扫码咨询专知VIP会员