LG CR NE Feb 2, 2025

Boosting Adversarial Robustness and Generalization with Structural Prior

arXiv:2502.00834v1
h-index: 3
Originality: Highly original
AI Analysis

This paper addresses adversarial vulnerability in deep learning models, a critical security issue for AI systems, and presents a novel approach with strong empirical results.

The paper tackles the problem of adversarial robustness in deep learning. It reveals that existing dictionary learning-inspired CNNs provide a false sense of security, and it proposes Elastic Dictionary Learning Networks (EDLNets), which significantly enhance robustness and generalization, surpassing state-of-the-art baselines on RobustBench.

This work investigates a novel approach to boost adversarial robustness and generalization by incorporating structural prior into the design of deep learning models. Specifically, our study surprisingly reveals that existing dictionary learning-inspired convolutional neural networks (CNNs) provide a false sense of security against adversarial attacks. To address this, we propose Elastic Dictionary Learning Networks (EDLNets), a novel ResNet architecture that significantly enhances adversarial robustness and generalization. This novel and effective approach is supported by a theoretical robustness analysis using influence functions. Moreover, extensive and reliable experiments demonstrate consistent and significant performance improvement on open robustness leaderboards such as RobustBench, surpassing state-of-the-art baselines. To the best of our knowledge, this is the first work to discover and validate that structural prior can reliably enhance deep learning robustness under strong adaptive attacks, unveiling a promising direction for future research.
