Adversarial attacks against deep neural networks (DNNs) are continuously
evolving, requiring increasingly powerful defense strategies. We develop a
novel adversarial defense framework inspired by the adaptive immune system: the
Robust Adversarial Immune-inspired Learning System (RAILS). Initializing a
population of exemplars that is balanced across classes, RAILS starts from a
uniform label distribution that encourages diversity and debiases a potentially
corrupted initial condition. RAILS implements an evolutionary optimization
process to adjust the label distribution and achieve specificity towards ground
truth. RAILS displays a tradeoff between robustness (diversity) and accuracy
(specificity), providing a new immune-inspired perspective on adversarial
learning. We empirically validate the benefits of RAILS through several
adversarial image classification experiments on MNIST, SVHN, and CIFAR-10
datasets. For the PGD attack, RAILS is found to improve the robustness over
existing methods by >= 5.62%, 12.5% and 10.32%, respectively, without
appreciable loss of standard accuracy.

Go to Source of this post
Author Of this post: <a href="">Ren Wang</a>, <a href="">Tianqi Chen</a>, <a href="">Stephen Lindsly</a>, <a href="">Cooper Stansbury</a>, <a href="">Alnawaz Rehemtulla</a>, <a href="">Indika Rajapakse</a>, <a href="">Alfred Hero</a>

By admin