We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:


Current browse context:


Change to browse by:

References & Citations


(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Statistics > Machine Learning

Title: You Only Propagate Once: Accelerating Adversarial Training via Maximal Principle

Abstract: Deep learning achieves state-of-the-art results in many tasks in computer vision and natural language processing. However, recent works have shown that deep networks can be vulnerable to adversarial perturbations, which raised a serious robustness issue of deep networks. Adversarial training, typically formulated as a robust optimization problem, is an effective way of improving the robustness of deep networks. A major drawback of existing adversarial training algorithms is the computational overhead of the generation of adversarial examples, typically far greater than that of the network training. This leads to the unbearable overall computational cost of adversarial training. In this paper, we show that adversarial training can be cast as a discrete time differential game. Through analyzing the Pontryagin's Maximal Principle (PMP) of the problem, we observe that the adversary update is only coupled with the parameters of the first layer of the network. This inspires us to restrict most of the forward and back propagation within the first layer of the network during adversary updates. This effectively reduces the total number of full forward and backward propagation to only one for each group of adversary updates. Therefore, we refer to this algorithm YOPO (You Only Propagate Once). Numerical experiments demonstrate that YOPO can achieve comparable defense accuracy with approximately 1/5 ~ 1/4 GPU time of the projected gradient descent (PGD) algorithm. Our codes are available at https://this https URL
Comments: Accepted as a conference paper at NeurIPS 2019
Subjects: Machine Learning (stat.ML); Machine Learning (cs.LG); Optimization and Control (math.OC)
Cite as: arXiv:1905.00877 [stat.ML]
  (or arXiv:1905.00877v6 [stat.ML] for this version)

Submission history

From: Dinghuai Zhang [view email]
[v1] Thu, 2 May 2019 17:46:06 GMT (685kb,D)
[v2] Sun, 5 May 2019 03:54:37 GMT (680kb,D)
[v3] Thu, 16 May 2019 02:08:20 GMT (712kb,D)
[v4] Thu, 23 May 2019 17:46:39 GMT (1154kb,D)
[v5] Wed, 3 Jul 2019 01:20:13 GMT (1166kb,D)
[v6] Fri, 1 Nov 2019 17:12:15 GMT (1175kb,D)

Link back to: arXiv, form interface, contact.