Towards Better Accuracy and Robustness with Localized Adversarial Training

  • Eitan Rothberg Ohio State University
  • Tingting Chen California State Polytechnic University Pomona
  • Hao Ji California State Polytechnic University Pomona

Abstract

As technology and society grow increasingly dependent on computer vision, it becomes important to make sure that these technologies are secure. However, even today’s stateof-the-art classifiers are easily fooled by carefully manipulated images. The only solutions that have increased robustness against these manipulated images have come at the expense of accuracy on natural inputs. In this work, we propose a new training technique, localized adversarial training, that results in more accurate classification of both both natural and adversarial images by as much as 6.5% and 99.7%, respectively.

Published
2019-07-17
Section
Student Abstract Track