Papers With Code 2

A community resource for machine learning research: papers, code, benchmarks, and state-of-the-art results.


Data sourced from the PWC Archive (CC-BY-SA 4.0). Built by the community, for the community.


An Orthogonal Classifier for Improving the Adversarial Robustness of Neural Networks

Cong Xu, Xiang Li, Min Yang

2021-05-19 · Adversarial Robustness · Adversarial Attack

Paper · PDF · Code (official)

Abstract

Neural networks are susceptible to artificially designed adversarial perturbations. Recent efforts have shown that imposing certain modifications on the classification layer can improve the robustness of neural networks. In this paper, we explicitly construct a dense orthogonal weight matrix whose entries all have the same magnitude, leading to a novel robust classifier. The proposed classifier avoids the undesired structural redundancy issue in previous work. Applying this classifier in standard training on clean data is sufficient to ensure high accuracy and good robustness of the model. Moreover, when extra adversarial samples are used, better robustness can be obtained with the help of a special worst-case loss. Experimental results show that our method is efficient and competitive with many state-of-the-art defensive approaches. Our code is available at \url{https://github.com/MTandHJ/roboc}.
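The key object in the abstract is a dense orthogonal weight matrix whose entries all share the same magnitude. A minimal sketch of one way to build such a matrix is Sylvester's Hadamard construction, shown below; this is an illustrative assumption for intuition, not necessarily the exact construction the paper uses, and the power-of-two restriction on the dimension is specific to this sketch.

```python
import numpy as np

def dense_orthogonal(n: int) -> np.ndarray:
    """Return an n x n orthogonal matrix whose entries all have
    magnitude 1/sqrt(n), built via Sylvester's Hadamard recursion.
    Illustrative only: requires n to be a power of two."""
    assert n > 0 and (n & (n - 1)) == 0, "n must be a power of two"
    H = np.array([[1.0]])
    while H.shape[0] < n:
        # Sylvester step: doubles the size, keeps entries in {+1, -1}.
        H = np.block([[H, H], [H, -H]])
    # Scale so that rows are orthonormal: H @ H.T == n * I before scaling.
    return H / np.sqrt(n)

W = dense_orthogonal(8)
# Rows are orthonormal, so W @ W.T is the identity.
print(np.allclose(W @ W.T, np.eye(8)))        # True
# Every entry has the same magnitude, 1/sqrt(8).
print(np.allclose(np.abs(W), 1 / np.sqrt(8)))  # True
```

Used as a fixed classification layer, such a matrix spreads every class prototype evenly across all features, which is the "no structural redundancy" property the abstract alludes to.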

Results

Task | Dataset | Metric | Value | Model
Adversarial Attack | CIFAR-10 | Attack: AutoAttack | 44.15 | Xu et al.
Adversarial Attack | CIFAR-10 | Attack: DeepFool | 51.31 | Xu et al.
Adversarial Attack | CIFAR-10 | Attack: PGD-20 | 78.68 | Xu et al.

Related Papers

Bridging Robustness and Generalization Against Word Substitution Attacks in NLP via the Growth Bound Matrix Approach (2025-07-14)
3DGAA: Realistic and Robust 3D Gaussian-based Adversarial Attack for Autonomous Driving (2025-07-14)
VIP: Visual Information Protection through Adversarial Attacks on Vision-Language Models (2025-07-11)
Identifying the Smallest Adversarial Load Perturbations that Render DC-OPF Infeasible (2025-07-10)
ScoreAdv: Score-based Targeted Generation of Natural Adversarial Examples via Diffusion Models (2025-07-08)
Tail-aware Adversarial Attacks: A Distributional Approach to Efficient LLM Jailbreaking (2025-07-06)
Evaluating the Evaluators: Trust in Adversarial Robustness Tests (2025-07-04)
Rectifying Adversarial Sample with Low Entropy Prior for Test-Time Defense (2025-07-04)