Report Open Access
Hypespherical class prototypes for adversarial robustness
Mygdalis Vasileios; Ioannis Pitas
DCAT Export
<?xml version='1.0' encoding='utf-8'?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:adms="http://www.w3.org/ns/adms#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dct="http://purl.org/dc/terms/" xmlns:dctype="http://purl.org/dc/dcmitype/" xmlns:dcat="http://www.w3.org/ns/dcat#" xmlns:duv="http://www.w3.org/ns/duv#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:frapo="http://purl.org/cerif/frapo/" xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#" xmlns:gsp="http://www.opengis.net/ont/geosparql#" xmlns:locn="http://www.w3.org/ns/locn#" xmlns:org="http://www.w3.org/ns/org#" xmlns:owl="http://www.w3.org/2002/07/owl#" xmlns:prov="http://www.w3.org/ns/prov#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:schema="http://schema.org/" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:vcard="http://www.w3.org/2006/vcard/ns#" xmlns:wdrs="http://www.w3.org/2007/05/powder-s#">
<rdf:Description rdf:about="https://doi.org/10.5281/zenodo.5137295">
<dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://doi.org/10.5281/zenodo.5137295</dct:identifier>
<foaf:page rdf:resource="https://doi.org/10.5281/zenodo.5137295"/>
<dct:creator>
<rdf:Description>
<rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
<foaf:name>Mygdalis Vasileios</foaf:name>
<org:memberOf>
<foaf:Organization>
<foaf:name>Aristoteleio Panepistimio Thessalonikis</foaf:name>
</foaf:Organization>
</org:memberOf>
</rdf:Description>
</dct:creator>
<dct:creator>
<rdf:Description>
<rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
<foaf:name>Ioannis Pitas</foaf:name>
<org:memberOf>
<foaf:Organization>
<foaf:name>Aristoteleio Panepistimio Thessalonikis</foaf:name>
</foaf:Organization>
</org:memberOf>
</rdf:Description>
</dct:creator>
<dct:title>Hypespherical class prototypes for adversarial robustness</dct:title>
<dct:publisher>
<foaf:Agent>
<foaf:name>Zenodo</foaf:name>
</foaf:Agent>
</dct:publisher>
<dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#gYear">2021</dct:issued>
<frapo:isFundedBy rdf:resource="info:eu-repo/grantAgreement/EC/Horizon 2020 Framework Programme - Research and Innovation action/951911/"/>
<schema:funder>
<foaf:Organization>
<dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#string">10.13039/100010661</dct:identifier>
<foaf:name>European Commission</foaf:name>
</foaf:Organization>
</schema:funder>
<dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2021-07-26</dct:issued>
<owl:sameAs rdf:resource="https://zenodo.org/record/5137295"/>
<adms:identifier>
<adms:Identifier>
<skos:notation rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://zenodo.org/record/5137295</skos:notation>
<adms:schemeAgency>url</adms:schemeAgency>
</adms:Identifier>
</adms:identifier>
<dct:isVersionOf rdf:resource="https://doi.org/10.5281/zenodo.5137294"/>
<dct:description><pre>This work addresses the problem of adversarial robustness in deep neural network classification from an optimal class boundary estimation perspective. It is argued that increased model robustness to adversarial attacks can be achieved when the feature learning process is monitored by geometrically-inspired optimization criteria. To this end, we propose to learn hyperspherical class prototypes in the neural feature embedding space, along with training the network parameters. Three concurrent optimization functions for the intermediate hidden layer training data activations are devised, requiring items of the same class to be enclosed by the corresponding class prototype boundaries, to have minimum distance from their class prototype vector (i.e., hypersphere center) and to have maximum distance from the remainder hypersphere centers. Our experiments show that training standard classification model architectures with the proposed objectives, significantly increases their robustness to white-box adversarial attacks, without adverse (if not beneficial) effects to their classification accuracy.</pre></dct:description>
<dct:accessRights rdf:resource="http://publications.europa.eu/resource/authority/access-right/PUBLIC"/>
<dct:accessRights>
<dct:RightsStatement rdf:about="info:eu-repo/semantics/openAccess">
<rdfs:label>Open Access</rdfs:label>
</dct:RightsStatement>
</dct:accessRights>
<dct:license rdf:resource="https://creativecommons.org/licenses/by/4.0/legalcode"/>
<dcat:distribution>
<dcat:Distribution>
<dcat:accessURL rdf:resource="https://doi.org/10.5281/zenodo.5137295"/>
<dcat:byteSize>407044</dcat:byteSize>
<dcat:downloadURL rdf:resource="https://zenodo.org/record/5137295/files/Hypespherical class prototypes for adversarial robustness_.pdf"/>
<dcat:mediaType>application/pdf</dcat:mediaType>
</dcat:Distribution>
</dcat:distribution>
</rdf:Description>
<foaf:Project rdf:about="info:eu-repo/grantAgreement/EC/Horizon 2020 Framework Programme - Research and Innovation action/951911/">
<dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#string">951911</dct:identifier>
<dct:title>A European Excellence Centre for Media, Society and Democracy</dct:title>
<frapo:isAwardedBy>
<foaf:Organization>
<dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#string">10.13039/100010661</dct:identifier>
<foaf:name>European Commission</foaf:name>
</foaf:Organization>
</frapo:isAwardedBy>
</foaf:Project>
</rdf:RDF>
49
31
views
downloads
| All versions | This version | |
|---|---|---|
| Views | 49 | 49 |
| Downloads | 31 | 31 |
| Data volume | 12.6 MB | 12.6 MB |
| Unique views | 34 | 34 |
| Unique downloads | 29 | 29 |
Indexed in
- Publication date:
- July 26, 2021
- DOI:
-
- Grants:
-
European Commission:
- AI4Media - A European Excellence Centre for Media, Society and Democracy (951911)
- License (for files):
- Creative Commons Attribution 4.0 International