
Multitask Learning Strengthens Adversarial Robustness

by Chengzhi Mao, et al.

Although deep networks achieve strong accuracy on a range of computer vision benchmarks, they remain vulnerable to adversarial attacks, where imperceptible input perturbations fool the network. We present both theoretical and empirical analyses that connect the adversarial robustness of a model to the number of tasks that it is trained on. Experiments on two datasets show that attack difficulty increases as the number of target tasks increases. Moreover, our results suggest that when models are trained on multiple tasks at once, they become more robust to adversarial attacks on individual tasks. While adversarial defense remains an open challenge, our results suggest that deep networks are vulnerable partly because they are trained on too few tasks.



