IDEAS home Printed from https://ideas.repec.org/a/plo/pone00/0317023.html
   My bibliography  Save this article

Avoiding catastrophic overfitting in fast adversarial training with adaptive similarity step size

Author

Listed:
  • Jie-Chao Zhao
  • Jin Ding
  • Yong-Zhi Sun
  • Ping Tan
  • Ji-En Ma
  • You-Tong Fang

Abstract

Adversarial training has become a primary method for enhancing the robustness of deep learning models. In recent years, fast adversarial training methods have gained widespread attention due to their lower computational cost. However, since fast adversarial training uses single-step adversarial attacks instead of multi-step attacks, the generated adversarial examples lack diversity, making models prone to catastrophic overfitting and loss of robustness. Existing methods to prevent catastrophic overfitting have certain shortcomings, such as poor robustness due to insufficient strength of generated adversarial examples, and low accuracy caused by excessive total perturbation. To address these issues, this paper proposes a fast adversarial training method—fast adversarial training with adaptive similarity step size (ATSS). In this method, random noise is first added to the input clean samples, and the model then calculates the gradient for each input sample. The perturbation step size for each sample is determined based on the similarity between the input noise and the gradient direction. Finally, adversarial examples are generated based on the step size and gradient for adversarial training. We conduct various adversarial attack tests on ResNet18 and VGG19 models using the CIFAR-10, CIFAR-100 and Tiny ImageNet datasets. The experimental results demonstrate that our method effectively avoids catastrophic overfitting. And compared to other fast adversarial training methods, ATSS achieves higher robustness accuracy and clean accuracy, with almost no additional training cost.

Suggested Citation

  • Jie-Chao Zhao & Jin Ding & Yong-Zhi Sun & Ping Tan & Ji-En Ma & You-Tong Fang, 2025. "Avoiding catastrophic overfitting in fast adversarial training with adaptive similarity step size," PLOS ONE, Public Library of Science, vol. 20(1), pages 1-22, January.
    • Handle: RePEc:plo:pone00:0317023
    DOI: 10.1371/journal.pone.0317023
    as

    Download full text from publisher

    File URL: https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0317023
    Download Restriction: no
    File URL: https://journals.plos.org/plosone/article/file?id=10.1371/journal.pone.0317023&type=printable
    Download Restriction: no
    File URL: https://libkey.io/10.1371/journal.pone.0317023?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Yuchen Liu & Shuzhen Diao, 2024. "An automatic driving trajectory planning approach in complex traffic scenarios based on integrated driver style inference and deep reinforcement learning," PLOS ONE, Public Library of Science, vol. 19(1), pages 1-26, January.
    2. Ramandeep Singh & Mannudeep K Kalra & Chayanin Nitiwarangkul & John A Patti & Fatemeh Homayounieh & Atul Padole & Pooja Rao & Preetham Putha & Victorine V Muse & Amita Sharma & Subba R Digumarthy, 2018. "Deep learning in chest radiography: Detection of findings and presence of change," PLOS ONE, Public Library of Science, vol. 13(10), pages 1-12, October.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Eric Engle & Andrei Gabrielian & Alyssa Long & Darrell E Hurt & Alex Rosenthal, 2020. "Performance of Qure.ai automatic classifiers against a large annotated database of patients with diverse forms of tuberculosis," PLOS ONE, Public Library of Science, vol. 15(1), pages 1-19, January.
    2. Marta Rachel & Stanisław Topolewicz & Sabina Galiniak, 2020. "Detection of Cystic Fibrosis Symptoms Based on X-Ray Images Using Machine Learning- Pilot Study," Biomedical Journal of Scientific & Technical Research, Biomedical Research Network+, LLC, vol. 24(2), pages 18078-18083, January.
    3. Kyong Joon Lee & Inseon Ryoo & Dongjun Choi & Leonard Sunwoo & Sung-Hye You & Hye Na Jung, 2020. "Performance of deep learning to detect mastoiditis using multiple conventional radiographs of mastoid," PLOS ONE, Public Library of Science, vol. 15(11), pages 1-18, November.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:plo:pone00:0317023. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: plosone (email available below). General contact details of provider: https://journals.plos.org/plosone/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.