3 thoughts on “Neural Structured Learning – Part 4: Adversarial learning for image classification

  1. apart from correctly classifying of the adversarial neighbors, is there any advantage of the model trained this way? Is there any influence on test accuracy, for example?

  2. Does the "robustness" provided by this method mostly just increase robustness against adversarial examples generated in the same manner as this model, or is it more general/broad robustness? In other words, let's say another new method to generate adversarial examples is discovered/used, will this method be robust against that new method as well (without having knowledge/training of what the new method is)?

Leave a Reply

Your email address will not be published. Required fields are marked *