Diffusion Models Demand Contrastive Guidance for Adversarial Purification to Advance

Bai, Mingyuan; Huang, Wei; Li, Tenghui; Wang, Andong; Gao, Junbin; Caiafa, César Federico; Zhao, Qibin

Mostrar el registro sencillo del ítem

dc.contributor.author

Bai, Mingyuan

dc.contributor.author

Huang, Wei

dc.contributor.author

Li, Tenghui

dc.contributor.author

Wang, Andong

dc.contributor.author

Gao, Junbin

dc.contributor.author

Caiafa, César Federico Se ha confirmado la validez de este valor de autoridad por un usuario

dc.contributor.author

Zhao, Qibin

dc.contributor.other

Salakhutdino, Ruslan

dc.date.available

2024-08-07T09:53:24Z

dc.date.issued

2024

dc.identifier.citation

Diffusion Models Demand Contrastive Guidance for Adversarial Purification to Advance; 41st International Conference on Machine Learning; Viena; Austria; 2024; 1-17

dc.identifier.issn

2640-3498

dc.identifier.uri

http://hdl.handle.net/11336/241923

dc.description.abstract

In adversarial defense, adversarial purification can be viewed as a special generation task with the purpose to remove adversarial attacks and dif- fusion models excel in adversarial purification for their strong generative power. With different predetermined generation requirements, various types of guidance have been proposed, but few of them focuses on adversarial purification. In this work, we propose to guide diffusion mod- els for adversarial purification using contrastive guidance. We theoretically derive the proper noise level added in the forward process diffu- sion models for adversarial purification from a feature learning perspective. For the reverse pro- cess, it is implied that the role of contrastive loss guidance is to facilitate the evolution towards the signal direction. From the theoretical findings and implications, we design the forward process with the proper amount of Gaussian noise added and the reverse process with the gradient of contrastive loss as the guidance of diffusion models for adversarial purification. Empirically, exten- sive experiments on CIFAR-10, CIFAR-100, the German Traffic Sign Recognition Benchmark and ImageNet datasets with ResNet and WideResNet classifiers show that our method outperforms most of current adversarial training and adversarial purification methods by a large improvement.

dc.format

application/pdf

dc.language.iso

eng

dc.publisher

MLR press

dc.rights

info:eu-repo/semantics/openAccess

dc.rights.uri

https://creativecommons.org/licenses/by-nc-sa/2.5/ar/

dc.subject

stable diffusion

dc.subject

adversarial attacks

dc.subject

purification

dc.subject

artificial intelligence

dc.subject.classification

Otras Ciencias de la Computación e Información Se ha confirmado la validez de este valor de autoridad por un usuario

dc.subject.classification

Ciencias de la Computación e Información Se ha confirmado la validez de este valor de autoridad por un usuario

dc.subject.classification

CIENCIAS NATURALES Y EXACTAS Se ha confirmado la validez de este valor de autoridad por un usuario

dc.title

Diffusion Models Demand Contrastive Guidance for Adversarial Purification to Advance

dc.type

info:eu-repo/semantics/publishedVersion

dc.type

info:eu-repo/semantics/conferenceObject

dc.type

info:ar-repo/semantics/documento de conferencia

dc.date.updated

2024-06-13T10:33:24Z

dc.journal.volume

235

dc.journal.pagination

1-17

dc.journal.pais

Estados Unidos Se ha confirmado la validez de este valor de autoridad por un usuario

dc.journal.ciudad

New York

dc.description.fil

Fil: Bai, Mingyuan. Riken. Center of Advanced Intelligence Project; Japón

dc.description.fil

Fil: Huang, Wei. Riken. Center of Advanced Intelligence Project; Japón

dc.description.fil

Fil: Li, Tenghui. Riken. Center of Advanced Intelligence Project; Japón

dc.description.fil

Fil: Wang, Andong. Riken. Center of Advanced Intelligence Project; Japón

dc.description.fil

Fil: Gao, Junbin. The University of Sydney; Australia

dc.description.fil

Fil: Caiafa, César Federico. Provincia de Buenos Aires. Gobernación. Comisión de Investigaciones Científicas. Instituto Argentino de Radioastronomía. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - La Plata. Instituto Argentino de Radioastronomía; Argentina

dc.description.fil

Fil: Zhao, Qibin. Riken. Center of Advanced Intelligence Project; Japón

dc.relation.alternativeid

info:eu-repo/semantics/altIdentifier/url/https://icml.cc

dc.relation.alternativeid

info:eu-repo/semantics/altIdentifier/url/https://icml.cc/virtual/2024/poster/35110

dc.relation.alternativeid

info:eu-repo/semantics/altIdentifier/url/https://proceedings.mlr.press/v235/bai24b.html

dc.conicet.rol

Autor

dc.conicet.rol

Autor

dc.conicet.rol

Autor

dc.conicet.rol

Autor

dc.conicet.rol

Autor

dc.conicet.rol

Autor

dc.conicet.rol

Autor

dc.coverage

Internacional

dc.type.subtype

Conferencia

dc.description.nombreEvento

41st International Conference on Machine Learning

dc.date.evento

2024-07-21

dc.description.ciudadEvento

Viena

dc.description.paisEvento

Austria

dc.type.publicacion

Journal

dc.description.institucionOrganizadora

Carnegie Mellen University

dc.source.libro

ICML 2024 Proceedings

dc.source.revista

Proceedings of Machine Learning Research

dc.date.eventoHasta

2024-07-27

dc.type

Conferencia

Archivos asociados

Tamaño: 744.6Kb

Formato: PDF

Descargar