Command Palette
Search for a command to run...
Stochastic Local Winner-Takes-All Networks Enable Profound Adversarial Robustness
Konstantinos P. Panousis Sotirios Chatzis Sergios Theodoridis
Abstract
This work explores the potency of stochastic competition-based activations, namely Stochastic Local Winner-Takes-All (LWTA), against powerful (gradient-based) white-box and black-box adversarial attacks; we especially focus on Adversarial Training settings. In our work, we replace the conventional ReLU-based nonlinearities with blocks comprising locally and stochastically competing linear units. The output of each network layer now yields a sparse output, depending on the outcome of winner sampling in each block. We rely on the Variational Bayesian framework for training and inference; we incorporate conventional PGD-based adversarial training arguments to increase the overall adversarial robustness. As we experimentally show, the arising networks yield state-of-the-art robustness against powerful adversarial attacks while retaining very high classification rate in the benign case.
Code Repositories
Benchmarks
| Benchmark | Methodology | Metrics |
|---|---|---|
| adversarial-defense-on-cifar-10 | Ours (Stochastic-LWTA/PGD/WideResNet-34-1) | Accuracy: 81.87 Attack: AutoAttack: 74.71 |
| adversarial-defense-on-cifar-10 | Stochastic-LWTA/PGD/WideResNet-34-10 | Accuracy: 84.3 Attack: AutoAttack: 82.6 |
| adversarial-defense-on-cifar-10 | Ours (Stochastic-LWTA/PGD/WideResNet-34-5) | Accuracy: 83.4 |
| adversarial-defense-on-cifar-10 | Stochastic-LWTA/PGD/WideResNet-34-5 | Attack: AutoAttack: 81.22 |
| adversarial-robustness-on-cifar-10 | Stochastic-LWTA/PGD/WideResNet-34-10 | Accuracy: 92.26 Attack: AutoAttack: 82.6 Robust Accuracy: 84.3 |
| adversarial-robustness-on-cifar-10 | Stochastic-LWTA/PGD/WideResNet-34-5 | Accuracy: 91.88 Attack: AutoAttack: 81.22 Robust Accuracy: 83.4 |
Build AI with AI
From idea to launch — accelerate your AI development with free AI co-coding, out-of-the-box environment and best price of GPUs.