Adversarially Robust Learning via Entropic Regularization
This addresses the challenge of adversarial robustness in deep learning, which is critical for security-sensitive applications, but the approach appears incremental as it builds on existing robust learning methods.
The paper tackles the problem of training adversarially robust deep neural networks by proposing ATENT, a new family of algorithms that use an entropic regularization loss function to optimize for robust valleys in the loss landscape, achieving competitive or better robust classification accuracy on benchmark datasets like MNIST and CIFAR-10.
In this paper we propose a new family of algorithms, ATENT, for training adversarially robust deep neural networks. We formulate a new loss function that is equipped with an additional entropic regularization. Our loss function considers the contribution of adversarial samples that are drawn from a specially designed distribution in the data space that assigns high probability to points with high loss and in the immediate neighborhood of training samples. Our proposed algorithms optimize this loss to seek adversarially robust valleys of the loss landscape. Our approach achieves competitive (or better) performance in terms of robust classification accuracy as compared to several state-of-the-art robust learning approaches on benchmark datasets such as MNIST and CIFAR-10.