Robust Generative Adaptation Network for Open-Set Adversarial Defense

In open-set recognition scenarios, deep learning models are required to handle samples from unknown categories, which better reflects real-world conditions. However, this task poses significant challenges to current closed-set recognition models, and the emergence of adversarial samples further exacerbates the issue. Existing open-set adversarial defense methods still lack a comprehensive exploration of model architectures, and the efficacy of adversarial training methods remains suboptimal in generalizing to various types of noise. In this paper, we propose a novel network called the Robust Generative Adaptation Network (RGAN), which enhances closed-set recognition accuracy and open-set detection performance by optimizing the model architecture for open-set adversarial defense. We optimize the robust block that can be embedded within deep learning models to constrain the propagation effects of adversarial attacks, thereby enhancing the model’s robustness. Simultaneously, we employ a noise generator to create perturbations tailored to specific adversarial samples and leverage these perturbations to increase the model’s generalization ability to different forms of noise. We conduct comprehensive experiments on five widely used datasets and various classification architectures, and the experimental results demonstrate that our RGAN achieves State-Of-The-Art (SOTA) performance in open-set adversarial defense tasks. The code and models are available at https://github.com/ycLi-CV/RGAN-main.