Image Decomposition and Classification through a Generative Model
This addresses robustness in image classification for machine learning applications, but it is incremental as it builds on existing generative models.
The paper tackles the problem of classification under adversarial attacks and distribution shifts by designing a conditional variational autoencoder that decomposes inputs and learns component distributions, achieving high robustness on MNIST and NORB datasets, including for high-strength attacks.
We demonstrate in this paper that a generative model can be designed to perform classification tasks under challenging settings, including adversarial attacks and input distribution shifts. Specifically, we propose a conditional variational autoencoder that learns both the decomposition of inputs and the distributions of the resulting components. During test, we jointly optimize the latent variables of the generator and the relaxed component labels to find the best match between the given input and the output of the generator. The model demonstrates promising performance at recognizing overlapping components from the multiMNIST dataset, and novel component combinations from a traffic sign dataset. Experiments also show that the proposed model achieves high robustness on MNIST and NORB datasets, in particular for high-strength gradient attacks and non-gradient attacks.