TY - GEN
T1 - Generating Adversarial Examples by Adversarial Networks for Semi-supervised Learning
AU - Ma, Yun
AU - Mao, Xudong
AU - Chen, Yangbin
AU - Li, Qing
PY - 2019
Y1 - 2019
N2 - Semi-Supervised Learning (SSL) has exhibited strong effectiveness in boosting the performance of classification models with the aid of a large amount of unlabeled data. Recently, regularizing the classifier with the help of adversarial examples has proven effective for semi-supervised learning. Existing methods hypothesize that the adversarial examples are based on the pixel-wise perturbation of the original samples. However, other types of adversarial examples (e.g., with spatial transformation) should also be useful for improving the robustness of the classifier. In this paper, we propose a new generalized framework based on adversarial networks, which is able to generate various types of adversarial examples. Our model consists of two modules which are trained in an adversarial process: a generator mapping the original samples to adversarial examples which can fool the classifier, and a classifier that tries to classify the original samples and the adversarial examples consistently. We evaluate our model on several datasets, and the experimental results show that our model outperforms the state-of-the-art methods for semi-supervised learning. The experiments also demonstrate that our model can generate adversarial examples with various types of perturbation such as local spatial transformation, color transformation, and pixel-wise perturbation. Moreover, our model is also applicable to supervised learning, performing as a regularization term to improve the generalization performance of the classifier.
AB - Semi-Supervised Learning (SSL) has exhibited strong effectiveness in boosting the performance of classification models with the aid of a large amount of unlabeled data. Recently, regularizing the classifier with the help of adversarial examples has proven effective for semi-supervised learning. Existing methods hypothesize that the adversarial examples are based on the pixel-wise perturbation of the original samples. However, other types of adversarial examples (e.g., with spatial transformation) should also be useful for improving the robustness of the classifier. In this paper, we propose a new generalized framework based on adversarial networks, which is able to generate various types of adversarial examples. Our model consists of two modules which are trained in an adversarial process: a generator mapping the original samples to adversarial examples which can fool the classifier, and a classifier that tries to classify the original samples and the adversarial examples consistently. We evaluate our model on several datasets, and the experimental results show that our model outperforms the state-of-the-art methods for semi-supervised learning. The experiments also demonstrate that our model can generate adversarial examples with various types of perturbation such as local spatial transformation, color transformation, and pixel-wise perturbation. Moreover, our model is also applicable to supervised learning, performing as a regularization term to improve the generalization performance of the classifier.
KW - Adversarial examples
KW - Adversarial networks
KW - Semi-supervised learning
UR - http://www.scopus.com/inward/record.url?scp=85076996731&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-34223-4_8
DO - 10.1007/978-3-030-34223-4_8
M3 - Conference article published in proceeding or book
AN - SCOPUS:85076996731
SN - 9783030342227
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 115
EP - 129
BT - Web Information Systems Engineering – WISE 2019 - 20th International Conference, Proceedings
A2 - Cheng, Reynold
A2 - Mamoulis, Nikos
A2 - Sun, Yizhou
A2 - Huang, Xin
PB - Springer
T2 - 20th International Conference on Web Information Systems Engineering, WISE 2019
Y2 - 26 November 2019 through 30 November 2019
ER -