Q-TART: Quickly Training for Adversarial Robustness and in-Transferability
This work addresses adversarial security and computational efficiency for real-world DNN applications, presenting an incremental improvement by complementing existing adversarial training methods.
The paper tackles the problem of improving adversarial robustness and training efficiency in deep neural networks by identifying and removing noise-susceptible samples, achieving over 1.3% increased robustness and up to 17.9% reduced training time across multiple datasets including ImageNet.
Raw deep neural network (DNN) performance is not enough; in real-world settings, computational load, training efficiency and adversarial security are just as or even more important. We propose to simultaneously tackle Performance, Efficiency, and Robustness, using our proposed algorithm Q-TART, Quickly Train for Adversarial Robustness and in-Transferability. Q-TART follows the intuition that samples highly susceptible to noise strongly affect the decision boundaries learned by DNNs, which in turn degrades their performance and adversarial susceptibility. By identifying and removing such samples, we demonstrate improved performance and adversarial robustness while using only a subset of the training data. Through our experiments we highlight Q-TART's high performance across multiple Dataset-DNN combinations, including ImageNet, and provide insights into the complementary behavior of Q-TART alongside existing adversarial training approaches to increase robustness by over 1.3% while using up to 17.9% less training time.