Universal Adversarial Robustness of Texture and Shape-Biased Models
This addresses adversarial robustness in computer vision models, but the findings are incremental as they build on existing shape-bias research without a major breakthrough.
The paper tackled the problem of whether shape-biased deep neural networks improve adversarial robustness to universal adversarial perturbations, finding that shape-biased models do not significantly enhance robustness, but ensembles of texture and shape-biased models can improve it while maintaining performance.
Increasing shape-bias in deep neural networks has been shown to improve robustness to common corruptions and noise. In this paper we analyze the adversarial robustness of texture and shape-biased models to Universal Adversarial Perturbations (UAPs). We use UAPs to evaluate the robustness of DNN models with varying degrees of shape-based training. We find that shape-biased models do not markedly improve adversarial robustness, and we show that ensembles of texture and shape-biased models can improve universal adversarial robustness while maintaining strong performance.