Mixing normal images and adversarial images when training CNNs

Mixing normal images and adversarial images when training CNNs

Mixing normal images and adversarial images when training CNNs – PyImageSearch

“After each batch update, the model has improved by two factors. First, the model has ideally learned more discriminating patterns in the training data. Secondly, the model has learned to defend against adversarial examples that the model itself generated.

Throughout an entire training procedure (tens to hundreds of epochs with tens of thousands to hundreds of thousands of batch updates), the model naturally learns to defend itself against adversarial attacks.

This method is more complex than the basic fine-tuning approach, but the benefits dramatically outweigh the negatives…”

Source: www.pyimagesearch.com/2021/03/15/mixing-normal-images-and-adversarial-images-when-training-cnns/