Adversarial training (AT) defends deep neural networks against adversarial attacks. One
challenge that limits its practical application is the performance degradation on clean …

We study graph data augmentation by mixup, which has been used successfully on images.
A key operation of mixup is to compute a convex combination of a pair of inputs. This …

The distance between two classes for a deep learning classifier can be measured by the
level of difficulty in flip** all (or majority of) samples in a class to the other. The class …

The rapid development of deep natural language processing (NLP) models for text
classification has led to an urgent need for a unified understanding of these models …

Selecting suitable architecture parameters and training hyperparameters is essential for
enhancing machine learning (ML) model performance. Several recent empirical studies …

We introduce Noisy Feature Mixup (NFM), an inexpensive yet effective method for data
augmentation that combines the best of interpolation based training and noise injection …

Adversarial attacks on deep learning models have compromised their performance
considerably. As remedies, a number of defense methods were proposed, which however …

Adversarial training has become the de-facto standard method for improving the robustness
of models against adversarial examples. However, robust overfitting remains a significant …

Abstract Domain generalization (DG) aims to learn a model from multiple training (ie,
source) domains that can generalize well to the unseen test (ie, target) data coming from a …

A poisoning attack method manipulating the training of a model is easily to be detected
since the general performance of a model is downgraded. Although a backdoor attack only …