Enhancing Adversarial Robustness of DNNs Via Weight Decorrelation in Training

Published: 01 Jan 2024, Last Modified: 25 Jan 2025. Venue: ICASSP 2024. License: CC BY-SA 4.0
Abstract: Deep Neural Networks (DNNs) are vulnerable to adversarial perturbations, raising significant concerns about their security. Numerous methods have been proposed to enhance DNN robustness. However, many methods, including adversarial training and noise injection, improve robustness by incorporating external data into the network. Exploring the network’s inherent potential is crucial to improve adversarial robustness. Inspired by principles in physical chemistry, where increased disorder leads to greater energetic stability, we introduce the Weight Decorrelation Loss. This method is simple but effective, enhancing robustness by disrupting the feature space’s ordered structure. The proposed loss achieves substantial performance improvements and state-of-the-art performance after being combined with Gaussian noise. We conduct comprehensive experiments on five datasets, comparing our approach to state-of-the-art defense methods. The results demonstrate our method’s effectiveness against several powerful white-box and black-box attacks.