Our paper is accepted to The 25th IEEE International Conference on Data Mining (ICDM-25) 🎉.
This paper introduces the concept of Populated Region Set (PRS) to analyze internal properties of deep neural networks related to adversarial robustness. Through empirical studies, we show that a low PRS ratio is strongly linked to model robustness and propose a PRS-based regularizer that improves robustness without adversarial training.
Title: On the Relationship between Populated Regions and Adversarial Robustness in Deep Neural Networks
Authors: Seongjin Park*, Haedong Jeong*, Tair Djanibekov*, Giyoung Jeon, Jinseok Seol, and Jaesik Choi (* contributed equally)
Pre-print version:
On the Relationship Between Adversarial Robustness and Decision Region in Deep Neural Network
Accepted version:
(To be appear)