adversarial

We propose a notion of neuron sensitivity in terms of adversarial robustness, along with an attack that works as well as PGD. The notion can be extended as a regularization term, providing adversarial robustness without adversarial training.

We propose an active-learning framework that utilizes studen-teacher learning and adversarial noise to achieve SOTA on inter-domain face-identification.

We propose an adversarial defense that is simultaneously robust to multiple attacks, and evaluate its efficacy over benchmark datasets.