Related papers: Criticality Leveraged Adversarial Training (CLAT) for Boosted Performance via Parameter Efficiency

Criticality Leveraged Adversarial Training (CLAT) for Boosted Performance via Parameter Efficiency

URL: http://arxiv.org/abs/2408.10204v2
Date: Fri, 30 Aug 2024 20:19:10 GMT
Title: Criticality Leveraged Adversarial Training (CLAT) for Boosted Performance via Parameter Efficiency
Authors: Bhavna Gopal, Huanrui Yang, Jingyang Zhang, Mark Horton, Yiran Chen,
Abstract summary: CLAT introduces parameter efficiency into the adversarial training process, improving both clean accuracy and adversarial robustness. It can be applied on top of existing adversarial training methods, significantly reducing the number of trainable parameters by approximately 95%.
Score: 15.211462468655329
License: http://creativecommons.org/licenses/by-nc-sa/4.0/
Abstract: Adversarial training enhances neural network robustness but suffers from a tendency to overfit and increased generalization errors on clean data. This work introduces CLAT, an innovative approach that mitigates adversarial overfitting by introducing parameter efficiency into the adversarial training process, improving both clean accuracy and adversarial robustness. Instead of tuning the entire model, CLAT identifies and fine-tunes robustness-critical layers - those predominantly learning non-robust features - while freezing the remaining model to enhance robustness. It employs dynamic critical layer selection to adapt to changes in layer criticality throughout the fine-tuning process. Empirically, CLAT can be applied on top of existing adversarial training methods, significantly reduces the number of trainable parameters by approximately 95%, and achieves more than a 2% improvement in adversarial robustness compared to baseline methods.