Adversarial Training in Low-Label Regimes with Margin-Based Interpolation
This addresses the problem of adversarial robustness in low-label regimes for machine learning practitioners, representing an incremental improvement over existing adversarial training methods.
The paper tackles the problem of training robust neural networks with limited labeled data by introducing a semi-supervised adversarial training method that uses margin-based interpolation and epsilon scheduling. The result shows enhanced performance against adversarial attacks like PGD and AutoAttack, though no concrete numbers are provided in the abstract.
Adversarial training has emerged as an effective approach to train robust neural network models that are resistant to adversarial attacks, even in low-label regimes where labeled data is scarce. In this paper, we introduce a novel semi-supervised adversarial training approach that enhances both robustness and natural accuracy by generating effective adversarial examples. Our method begins by applying linear interpolation between clean and adversarial examples to create interpolated adversarial examples that cross decision boundaries by a controlled margin. This sample-aware strategy tailors adversarial examples to the characteristics of each data point, enabling the model to learn from the most informative perturbations. Additionally, we propose a global epsilon scheduling strategy that progressively adjusts the upper bound of perturbation strengths during training. The combination of these strategies allows the model to develop increasingly complex decision boundaries with better robustness and natural accuracy. Empirical evaluations show that our approach effectively enhances performance against various adversarial attacks, such as PGD and AutoAttack.