In adversarial machine learning, deep neural networks can fit the adversarial examples on
the training dataset but have poor generalization ability on the test set. This phenomenon is …

Adversarial training (AT) has become the de-facto standard to obtain models robust against
adversarial examples. However, AT exhibits severe robust overfitting: cross-entropy loss on …

Fast adversarial training (FAT) is an efficient method to improve robustness in white-box
attack scenarios. However, the original FAT suffers from catastrophic overfitting, which …

Averaging neural network weights sampled by a backbone stochastic gradient descent
(SGD) is a simple-yet-effective approach to assist the backbone SGD in finding better …

Adversarial robustness of the neural network is a significant concern when it is applied to
security-critical domains. In this situation adversarial distillation is a promising option which …

Recent studies have shown that deep neural networks are vulnerable to adversarial
examples. Numerous defenses have been proposed to improve model robustness, among …

As acquiring manual labels on data could be costly, unsupervised domain adaptation
(UDA), which transfers knowledge learned from a rich-label dataset to the unlabeled target …

Adversarial training improves the robustness of neural networks against adversarial attacks,
albeit at the expense of the trade-off between standard and robust generalization. To unveil …

Robust Unsupervised Domain Adaptation (RoUDA) aims to achieve not only clean but also
robust cross-domain knowledge transfer from a labeled source domain to an unlabeled …

Deep learning is becoming increasingly relevant for many high-stakes applications such as
autonomous driving or medical diagnosis where wrong decisions can have massive impact …