Meta Invariance Defense Towards Generalizable Robustness to Unknown Adversarial Attacks

arXiv:2404.03340v1 Announce Type: cross
Abstract: Despite providing high-performance solutions for computer vision tasks, the deep neural network (DNN) model has been proved to be extremely vulnerable to adversarial attacks. Current defense mainly focuses on the known attacks, but the adversarial robustness to the unknown attacks is seriously overlooked. Besides, commonly used adaptive learning and fine-tuning technique is unsuitable for adversarial defense since it is essentially a zero-shot problem when deployed. Thus, to tackle this challenge, we propose an attack-agnostic defense …

adversarial adversarial attacks arxiv attacks computer computer vision cs.cr cs.cv cs.lg current defense high meta network neural network performance robustness solutions vulnerable