ATRAS: Adversarially Trained Robust Architecture Search

Add code
Jun 13, 2021
Yigit Alparslan, Edward Kim
Figure 1 for ATRAS: Adversarially Trained Robust Architecture Search
Figure 2 for ATRAS: Adversarially Trained Robust Architecture Search
Figure 3 for ATRAS: Adversarially Trained Robust Architecture Search
Figure 4 for ATRAS: Adversarially Trained Robust Architecture Search

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

In this paper, we explore the effect of architecture completeness on adversarial robustness. We train models with different architectures on CIFAR-10 and MNIST dataset. For each model, we vary different number of layers and different number of nodes in the layer. For every architecture candidate, we use Fast Gradient Sign Method (FGSM) to generate untargeted adversarial attacks and use adversarial training to defend against those attacks. For each architecture candidate, we report pre-attack, post-attack and post-defense accuracy for the model as well as the architecture parameters and the impact of completeness to the model accuracies.

* 9 pages, 2 figures, 2 tables  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon