Adaptive Weight Assignment for Adversarial Training Based on Predicted Class Probabilities Across Different Attacks and Perturbation Sizes

Atsague, Modeste; Tian, Jin; Fakorede, Olukorede

Item

Adaptive Weight Assignment for Adversarial Training Based on Predicted Class Probabilities Across Different Attacks and Perturbation Sizes

Atsague, Modeste
;
Tian, Jin
;
Fakorede, Olukorede

Author

Atsague, Modeste
Tian, Jin
Fakorede, Olukorede

Department

Machine Learning

Type

Conference proceeding

Date

2025

Language

English

Collections

Publications

Show all metadata

Abstract

Adversarial training (AT) improves model robustness by incorporating adversarial examples during training. Traditional methods, however, treat all examples equally, limiting their effectiveness. Recent studies show that adversarial examples vary in importance, and failing to account for this can weaken robustness. New approaches assign different weights to adversarial examples, improving defenses against specific attacks while maintaining natural accuracy. However, existing reweighting strategies often struggle against stronger attacks like CW and AA. Our analysis reveals that misclassified inputs may be assigned to different incorrect classes depending on the attack type and perturbation size, suggesting that more than one metric for weight assignment is required. To tackle this, we propose an Adaptive Weight Assignment (AWA) strategy that uses predicted class probabilities across multiple attack types and perturbation sizes. This method strengthens weaker adversarially trained models and significantly improves robustness against strong attacks like CW and AA, as confirmed by our extensive experiments.

Citation

M. Atsague, J. Tian, and O. Fakorede, “Adaptive Weight Assignment for Adversarial Training Based on Predicted Class Probabilities Across Different Attacks and Perturbation Sizes,” pp. 27–38, 2025, doi: 10.1007/978-981-96-8183-9_3

Source

Advances in Knowledge Discovery and Data Mining

Conference

29th Pacific-Asia Conference on Knowledge Discovery and Data Mining, PAKDD 2025

Source

29th Pacific-Asia Conference on Knowledge Discovery and Data Mining, PAKDD 2025

Publisher

Springer Nature

DOI

10.1007/978-981-96-8183-9_3

Additional links

https://link.springer.com/chapter/10.1007/978-981-96-8183-9_3

Adaptive Weight Assignment for Adversarial Training Based on Predicted Class Probabilities Across Different Attacks and Perturbation Sizes

Atsague, Modeste
;
Tian, Jin
;
Fakorede, Olukorede

Author

Supervisor

Department

Embargo End Date

Type

Date

License

Language

Collections

Research Projects

Organizational Units

Journal Issue

Abstract

Citation

Source

Conference

Keywords

Subjects

Source

Publisher

DOI

Additional links

Full-text link

Adaptive Weight Assignment for Adversarial Training Based on Predicted Class Probabilities Across Different Attacks and Perturbation Sizes

Atsague, Modeste ; Tian, Jin ; Fakorede, Olukorede

Author

Supervisor

Department

Embargo End Date

Type

Date

License

Language

Collections

Research Projects

Organizational Units

Journal Issue

Abstract

Citation

Source

Conference

Keywords

Subjects

Source

Publisher

DOI

Additional links

Full-text link

Atsague, Modeste
;
Tian, Jin
;
Fakorede, Olukorede