Addressing Neural Network Robustness with Mixup and Targeted Labeling Adversarial Training
This work addresses robustness for industrial applications of neural networks, but it is incremental as it builds on existing methods like Mixup and adversarial training.
The paper tackles the problem of neural network sensitivity to various perturbations by proposing M-TLAT, a data augmentation strategy combining Mixup and Targeted Labeling Adversarial Training, which improves robustness against 19 common corruptions and 5 adversarial attacks without reducing clean accuracy.
Despite their performance, Artificial Neural Networks are not reliable enough for most of industrial applications. They are sensitive to noises, rotations, blurs and adversarial examples. There is a need to build defenses that protect against a wide range of perturbations, covering the most traditional common corruptions and adversarial examples. We propose a new data augmentation strategy called M-TLAT and designed to address robustness in a broad sense. Our approach combines the Mixup augmentation and a new adversarial training algorithm called Targeted Labeling Adversarial Training (TLAT). The idea of TLAT is to interpolate the target labels of adversarial examples with the ground-truth labels. We show that M-TLAT can increase the robustness of image classifiers towards nineteen common corruptions and five adversarial attacks, without reducing the accuracy on clean samples.