On the Effect of Pruning on Adversarial Robustness
Pruning is a well-known mechanism for reducing the computational cost of deep convolutional networks. However, studies have shown the potential of pruning as a form of regularization, which reduces overfitting and improves generalization. We demonstrate that this family of strategies provides additi...
Saved in:
| Published in: | 2021 IEEE/CVF International Conference on Computer Vision Workshops (ICCVW) pp. 1 - 11 |
|---|---|
| Main Authors: | , |
| Format: | Conference Proceeding |
| Language: | English |
| Published: |
IEEE
01-10-2021
|
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Abstract | Pruning is a well-known mechanism for reducing the computational cost of deep convolutional networks. However, studies have shown the potential of pruning as a form of regularization, which reduces overfitting and improves generalization. We demonstrate that this family of strategies provides additional benefits beyond computational performance and generalization. Our analyses reveal that pruning structures (filters and/or layers) from convolutional networks increase not only generalization but also robustness to adversarial images (natural images with content modified). Such achievements are possible since pruning reduces network capacity and provides regularization, which have been proven effective tools against adversarial images. In contrast to promising defense mechanisms that require training with adversarial images and careful regularization, we show that pruning obtains competitive results considering only natural images (e.g., the standard and low-cost training). We confirm these findings on several adversarial attacks and architectures; thus suggesting the potential of pruning as a novel defense mechanism against adversarial images. |
|---|---|
| AbstractList | Pruning is a well-known mechanism for reducing the computational cost of deep convolutional networks. However, studies have shown the potential of pruning as a form of regularization, which reduces overfitting and improves generalization. We demonstrate that this family of strategies provides additional benefits beyond computational performance and generalization. Our analyses reveal that pruning structures (filters and/or layers) from convolutional networks increase not only generalization but also robustness to adversarial images (natural images with content modified). Such achievements are possible since pruning reduces network capacity and provides regularization, which have been proven effective tools against adversarial images. In contrast to promising defense mechanisms that require training with adversarial images and careful regularization, we show that pruning obtains competitive results considering only natural images (e.g., the standard and low-cost training). We confirm these findings on several adversarial attacks and architectures; thus suggesting the potential of pruning as a novel defense mechanism against adversarial images. |
| Author | Jordao, Artur Pedrini, Helio |
| Author_xml | – sequence: 1 givenname: Artur surname: Jordao fullname: Jordao, Artur email: arturjlcorreia@liv.ic.unicamp.br organization: University of Campinas (UNICAMP),Institute of Computing,Brazil – sequence: 2 givenname: Helio surname: Pedrini fullname: Pedrini, Helio email: helio@ic.unicamp.br organization: University of Campinas (UNICAMP),Institute of Computing,Brazil |
| BookMark | eNotjMtKw0AUQEdRsNZ8gQjzA6n3znuWJdRaKFTEx7JMJjcaqRPJpIJ_b0DP5mwO55KdpT4RYzcIC0Twt5uqennVCgUsBAhcwIQ9YYW3Do3RCtCjPGUzoawsvVfqghU5f0wVGtRewoyJXeLjO_FV21Iced_yh-GYuvTG-8SXzTcNOQxdOPDHvj7mMVHOV-y8DYdMxb_n7Plu9VTdl9vdelMtt2UnQI6labR2SkQfaxWVlKTIOKijC8HZOgStvEZfe4rCaHBCtEpHAVMPjY8Y5Jxd_307Itp_Dd1nGH723oB12spfJCdHAg |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ICCVW54120.2021.00007 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library Online IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library Online url: http://ieeexplore.ieee.org/Xplore/DynWel.jsp sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Applied Sciences |
| EISBN | 9781665401913 1665401915 |
| EISSN | 2473-9944 |
| EndPage | 11 |
| ExternalDocumentID | 9607857 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI OCL RIE RIL RNS |
| ID | FETCH-LOGICAL-i203t-6d55842c9cb4c433e4e680bc8aa87baa549519b9ec2650822f45c20c9c0d9c1a3 |
| IEDL.DBID | RIE |
| IngestDate | Wed Jun 26 19:25:20 EDT 2024 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i203t-6d55842c9cb4c433e4e680bc8aa87baa549519b9ec2650822f45c20c9c0d9c1a3 |
| PageCount | 11 |
| ParticipantIDs | ieee_primary_9607857 |
| PublicationCentury | 2000 |
| PublicationDate | 2021-Oct. |
| PublicationDateYYYYMMDD | 2021-10-01 |
| PublicationDate_xml | – month: 10 year: 2021 text: 2021-Oct. |
| PublicationDecade | 2020 |
| PublicationTitle | 2021 IEEE/CVF International Conference on Computer Vision Workshops (ICCVW) |
| PublicationTitleAbbrev | ICCVW |
| PublicationYear | 2021 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0001615930 |
| Score | 2.2901912 |
| Snippet | Pruning is a well-known mechanism for reducing the computational cost of deep convolutional networks. However, studies have shown the potential of pruning as a... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 1 |
| SubjectTerms | Computational efficiency Computer architecture Computer vision Conferences Robustness Training |
| Title | On the Effect of Pruning on Adversarial Robustness |
| URI | https://ieeexplore.ieee.org/document/9607857 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://sdu.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV07T8MwED7RTkwFWsRbHhgJdWzHj7m0Kgsg3ltlO47EkiDS_P-ek6gVEgubZdmyfPb5vjvfA-AaVWMbEDgkSluTCGFd4iQyntHO2VRZxKjRNLB8UQ-f-m4e0-TcbGNhQgit81m4jc32Lz-vfBNNZVNE20pnagADZXQXq7Wzp6BoNpz2QTopNdP72ez9IxMpo6gGsrTNVPi7iEorQxaj_61-AJNdMB552oqZQ9gL5RGMevRIet6sx8AeS4JojnT5iElV4KwmWj1IVZK27nJt420jz5Vr6nV84ibwtpi_zpZJXxEh-WKUrxOZZwgYmDfeCS84DyJITZ3X1mrlrEVlDxGZM8GziLwYK0TmGcXxNDc-tfwYhmVVhhMgSCtJtZFOWimKwJzPikLi88cdDZarUxhHEqy-u6QXq373Z393n8N-pHHn5XYBw_VPEy5hUOfNVXtMG91XkVw |
| link.rule.ids | 310,311,782,786,791,792,798,27934,54767 |
| linkProvider | IEEE |
| linkToHtml | http://sdu.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwMhEJ5oPeipamt8y8Gja1lgeZxrmzbWarQ-bg2wbOJl17jd_y_sbtqYePFGCIQwMMw3wzwArr1qrJ0HDpGQWkWMaRMZ7hlPSWN0LLTHqME0MHkR8w95Nwppcm7WsTDOudr5zN2GZv2Xnxa2CqaygUfbQiZiG3YSJrhoorU2FhUvnBXFbZhOjNVgOhy-vScsJtgrgiSucxX-LqNSS5Fx93_r70N_E46HntaC5gC2XH4I3RY_opY7yx6Qxxx5PIeajMSoyPysKtg9UJGjuvJyqcN9Q8-FqcpVeOT68DoeLYaTqK2JEH0STFcRTxMPGYhV1jDLKHXMcYmNlVpLYbT26p7HZEY5SwL2IiRjiSXYj8epsrGmR9DJi9wdA_K04lgqbrjmLHPE2CTLuH8AqcFOU3ECvUCC5VeT9mLZ7v707-4r2J0sHmbL2XR-fwZ7gd6Nz9s5dFbflbuA7TKtLusj-wG5qJSt |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2021+IEEE%2FCVF+International+Conference+on+Computer+Vision+Workshops+%28ICCVW%29&rft.atitle=On+the+Effect+of+Pruning+on+Adversarial+Robustness&rft.au=Jordao%2C+Artur&rft.au=Pedrini%2C+Helio&rft.date=2021-10-01&rft.pub=IEEE&rft.eissn=2473-9944&rft.spage=1&rft.epage=11&rft_id=info:doi/10.1109%2FICCVW54120.2021.00007&rft.externalDocID=9607857 |