Incorporating Hidden Layer representation into Adversarial Attacks and Defences. (arXiv:2011.14045v2 [cs.LG] UPDATED)

In this paper, we propose a defence strategy to improve adversarial
robustness by incorporating hidden layer representation. The key of this
defence strategy aims to compress or filter input information including
adversarial perturbation. And this defence strategy can be regarded as an
activation function which can be applied to any kind of neural network. We also
prove theoretically the effectiveness of this defense strategy under certain
conditions. Besides, incorporating hidden layer representation we propose three
types of adversarial attacks to …

arxiv attacks lg representation