ALAT：对抗性标签引导对抗性训练

IF 3.3 3区计算机科学 Q2 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Pattern Recognition Letters Pub Date : 2025-07-01 DOI:10.1016/j.patrec.2025.06.012

Nan Wang , Yong Yu , Honghong Wang

{"title":"ALAT：对抗性标签引导对抗性训练","authors":"Nan Wang , Yong Yu , Honghong Wang","doi":"10.1016/j.patrec.2025.06.012","DOIUrl":null,"url":null,"abstract":"<div><div>Adversarial training is a widely used defense method in deep neural networks that enhances the model’s ability to detect perturbations and improve network robustness. Previous studies have assessed adversarial attack performance from various angles, leading to enhancements in adversarial training to bolster network robustness. However, while some research has explored the effectiveness of misclassified data in improving adversarial training, they have ignored the importance of the adversarial predicted labels. We observe that adversarial sample prediction labels often correspond to high probability categories in natural predictions. This paper proposes a new adversarial training method called <strong>Adversarial Label-guided Adversarial Training (ALAT)</strong>. This method incorporates an additional regularization term that integrates adversarial prediction labels into the training process, guiding predictions closer to true labels and away from adversarial labels. Extensive experiments confirm its effectiveness.</div></div>","PeriodicalId":54638,"journal":{"name":"Pattern Recognition Letters","volume":"196 ","pages":"Pages 250-256"},"PeriodicalIF":3.3000,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"ALAT: Adversarial Label-guided Adversarial Training\",\"authors\":\"Nan Wang , Yong Yu , Honghong Wang\",\"doi\":\"10.1016/j.patrec.2025.06.012\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Adversarial training is a widely used defense method in deep neural networks that enhances the model’s ability to detect perturbations and improve network robustness. Previous studies have assessed adversarial attack performance from various angles, leading to enhancements in adversarial training to bolster network robustness. However, while some research has explored the effectiveness of misclassified data in improving adversarial training, they have ignored the importance of the adversarial predicted labels. We observe that adversarial sample prediction labels often correspond to high probability categories in natural predictions. This paper proposes a new adversarial training method called <strong>Adversarial Label-guided Adversarial Training (ALAT)</strong>. This method incorporates an additional regularization term that integrates adversarial prediction labels into the training process, guiding predictions closer to true labels and away from adversarial labels. Extensive experiments confirm its effectiveness.</div></div>\",\"PeriodicalId\":54638,\"journal\":{\"name\":\"Pattern Recognition Letters\",\"volume\":\"196 \",\"pages\":\"Pages 250-256\"},\"PeriodicalIF\":3.3000,\"publicationDate\":\"2025-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Pattern Recognition Letters\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167865525002405\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Pattern Recognition Letters","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167865525002405","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

摘要

对抗训练是深度神经网络中广泛使用的一种防御方法，它增强了模型检测扰动的能力，提高了网络的鲁棒性。以前的研究从不同的角度评估了对抗性攻击的性能，从而增强了对抗性训练以增强网络的鲁棒性。然而，虽然一些研究已经探索了错误分类数据在提高对抗训练中的有效性，但他们忽略了对抗预测标签的重要性。我们观察到，对抗性样本预测标签通常对应于自然预测中的高概率类别。本文提出了一种新的对抗训练方法——对抗标签引导对抗训练（ALAT）。该方法结合了一个额外的正则化项，将对抗性预测标签集成到训练过程中，引导预测更接近真实标签，远离对抗性标签。大量的实验证实了其有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

ALAT: Adversarial Label-guided Adversarial Training

Adversarial training is a widely used defense method in deep neural networks that enhances the model’s ability to detect perturbations and improve network robustness. Previous studies have assessed adversarial attack performance from various angles, leading to enhancements in adversarial training to bolster network robustness. However, while some research has explored the effectiveness of misclassified data in improving adversarial training, they have ignored the importance of the adversarial predicted labels. We observe that adversarial sample prediction labels often correspond to high probability categories in natural predictions. This paper proposes a new adversarial training method called Adversarial Label-guided Adversarial Training (ALAT). This method incorporates an additional regularization term that integrates adversarial prediction labels into the training process, guiding predictions closer to true labels and away from adversarial labels. Extensive experiments confirm its effectiveness.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Pattern Recognition Letters 工程技术-计算机：人工智能

CiteScore

12.40

自引率

5.90%

发文量

287

审稿时长

9.1 months

期刊介绍： Pattern Recognition Letters aims at rapid publication of concise articles of a broad interest in pattern recognition. Subject areas include all the current fields of interest represented by the Technical Committees of the International Association of Pattern Recognition, and other developing themes involving learning and recognition.