A Model Robustness Optimization Method Integrating Transfer Learning and Adversarial Training
In image classification networks,the adversarial training method is used to improve the robustness of the model.However,it can also bring a decrease in the classification accuracy of the model.To solve this problem,a new adversarial training approach incorporating transfer learning is proposed for robustness optimization.First,the model transfer strategy in transfer learning is adopted to enhance the learning ability of non-robust features,and then helps to construct adversarial samples.Second,the L2 regularization term is added to the loss function to constrain the parameter space and speed up the adversarial training convergence.In the end,the robust classification model is ob-tained through training.The experiments on the CIFAR-10 and Ant-Bee datasets achieve accuracy improvements of 8.3%,36.7%,and 13.9%,respectively,under three adversarial sample attacks.Experimental results demonstrate that the proposed method can improve the robustness of the model as well as the accuracy of classification.
Transfer learningAdversarial trainingAdversarial examplesRobustnessConvolutional neural net-works
NETL
NSTL
万方数据
