LG | CR | CV | NE | Dec 15, 2023

Adversarial Robustness on Image Classification with $k$-means

arXiv:2312.09533v2 | h-index: 5 | IEEE Access
AI Analysis

This work addresses security risks in unsupervised learning for image classification, but it appears incremental as it adapts existing adversarial training concepts to k-means.

The paper tackles the problem of adversarial robustness in k-means clustering for image classification, evaluating vulnerabilities and introducing an adversarial training method that improves testing performance in adversarial scenarios.

In this paper we explore the challenges and strategies for enhancing the robustness of $k$-means clustering algorithms against adversarial manipulations. We evaluate the vulnerability of clustering algorithms to adversarial attacks, emphasising the associated security risks. Our study investigates the impact of incremental attack strength on training, introduces the concept of transferability between supervised and unsupervised models, and highlights the sensitivity of unsupervised models to sample distributions. We additionally introduce and evaluate an adversarial training method that improves testing performance in adversarial scenarios, and we highlight the importance of various parameters in the proposed training method, such as continuous learning, centroid initialisation, and adversarial step-count.
