Revisiting Min-Max Optimization Problem in Adversarial Training
This work addresses security risks in computer vision applications by improving adversarial robustness, though it appears incremental as it builds on existing optimization frameworks.
The paper tackles the problem of deep neural networks being vulnerable to adversarial examples by proposing a new method to build robust models through reformulating the saddle point optimization problem, offering significant resistance and security guarantees against multiple adversaries.
The rise of computer vision applications in the real world puts the security of the deep neural networks at risk. Recent works demonstrate that convolutional neural networks are susceptible to adversarial examples - where the input images look similar to the natural images but are classified incorrectly by the model. To provide a rebuttal to this problem, we propose a new method to build robust deep neural networks against adversarial attacks by reformulating the saddle point optimization problem in \cite{madry2017towards}. Our proposed method offers significant resistance and a concrete security guarantee against multiple adversaries. The goal of this paper is to act as a stepping stone for a new variation of deep learning models which would lead towards fully robust deep learning models.