Applied Sciences (May 2024)

Fast-M Adversarial Training Algorithm for Deep Neural Networks

  • Yu Ma,
  • Dou An,
  • Zhixiang Gu,
  • Jie Lin,
  • Weiyu Liu

DOI
https://doi.org/10.3390/app14114607
Journal volume & issue
Vol. 14, no. 11
p. 4607

Abstract

Read online

Although deep neural networks have been successfully applied in many fields, research studies show that neural network models are easily disrupted by small malicious inputs, greatly reducing their performance. Such disruptions are known as adversarial attacks. To reduce the impact of adversarial attacks on models, researchers have proposed adversarial training methods. However, compared with standard training, adversarial training results in additional computational overhead and training time. To improve the training effect without significantly increasing the training time, an improved Fast-M adversarial training algorithm based on the fast adversarial training algorithm is proposed in this paper. Extensive comparative experiments are conducted with the MNIST, CIFAR10, and CIFAR100 datasets. The results show that the Fast-M algorithm achieves the same training effect as the commonly used projected gradient descent (PGD) adversarial training method, with a training time that is only one-third of that of PGD and a performance comparable to that of fast adversarial training, demonstrating the proposed algorithm’s effectiveness.

Keywords