Towards Achieving Adversarial Robustness Beyond Perceptual Limits
Sravanti Addepalli · Samyak Jain · Gaurang Sriramanan · Shivangi Khare · Venkatesh Babu Radhakrishnan
The vulnerability of Deep Neural Networks to Adversarial Attacks has fuelled research towards building robust models. While most existing Adversarial Training algorithms aim towards defending against imperceptible attacks, real-world adversaries are not limited by such constraints. In this work, we aim to achieve adversarial robustness at larger epsilon bounds. We first discuss the ideal goals of an adversarial defense algorithm beyond perceptual limits, and further highlight the shortcomings of naively extending existing training algorithms to higher perturbation bounds. In order to overcome these shortcomings, we propose a novel defense, Oracle-Aligned Adversarial Training (OA-AT), that attempts to align the predictions of the network with that of an Oracle during adversarial training. The proposed approach achieves state-of-the-art performance at large epsilon bounds ($\ell_\infty$ bound of $16/255$) while outperforming adversarial training algorithms such as AWP, TRADES and PGD-AT at standard perturbation bounds ($\ell_\infty$ bound of $8/255$) as well.
Author Information
Sravanti Addepalli (Indian Institute of Science)
Samyak Jain (Indian Institute of Technology (BHU), Varanasi)
Gaurang Sriramanan (Indian Institute of Science, Bangalore)
Shivangi Khare (Indian Institute of Science)
Venkatesh Babu Radhakrishnan (Indian Institute of Science)
More from the Same Authors
- 2022: Efficient and Effective Augmentation Strategy for Adversarial Training
  Sravanti Addepalli · Samyak Jain · Venkatesh Babu Radhakrishnan
- 2022: DAFT: Distilling Adversarially Fine-tuned teachers for OOD Robustness
  Anshul Nasery · Sravanti Addepalli · Praneeth Netrapalli · Prateek Jain
- 2022 Poster: A Closer Look at Smoothness in Domain Adversarial Training
  Harsh Rangwani · Sumukh K Aithal · Mayank Mishra · Arihant Jain · Venkatesh Babu Radhakrishnan
- 2022 Poster: Balancing Discriminability and Transferability for Source-Free Domain Adaptation
  Jogendra Nath Kundu · Akshay Kulkarni · Suvaansh Bhambri · Deepesh Mehta · Shreyas Kulkarni · Varun Jampani · Venkatesh Babu Radhakrishnan
- 2022 Spotlight: Balancing Discriminability and Transferability for Source-Free Domain Adaptation
  Jogendra Nath Kundu · Akshay Kulkarni · Suvaansh Bhambri · Deepesh Mehta · Shreyas Kulkarni · Varun Jampani · Venkatesh Babu Radhakrishnan
- 2022 Spotlight: A Closer Look at Smoothness in Domain Adversarial Training
  Harsh Rangwani · Sumukh K Aithal · Mayank Mishra · Arihant Jain · Venkatesh Babu Radhakrishnan
- 2019 Poster: Zero-Shot Knowledge Distillation in Deep Networks
  Gaurav Kumar Nayak · Konda Reddy Mopuri · Vaisakh Shaj · Venkatesh Babu Radhakrishnan · Anirban Chakraborty
- 2019 Oral: Zero-Shot Knowledge Distillation in Deep Networks
  Gaurav Kumar Nayak · Konda Reddy Mopuri · Vaisakh Shaj · Venkatesh Babu Radhakrishnan · Anirban Chakraborty