defense arXiv Sep 1, 2025 · Sep 2025
Yixiong Ren, Wenkang Du, Jianhui Zhou et al. · Chinese Academy of Sciences · University of Science and Technology of China +1 more
Defends against adversarial attacks by sculpting DNN representations via geometry-aware layer-wise training to enforce intra-class compactness and inter-class separation
Input Manipulation Attack vision
How to balance training accuracy and adversarial robustness has become a challenge since the birth of deep learning. Here, we introduce a geometry-aware deep learning framework that leverages layer-wise local training to sculpt the internal representations of deep neural networks. This framework promotes intra-class compactness and inter-class separation in feature space, leading to manifold smoothness and adversarial robustness against white or black box attacks. The performance can be explained by an energy model with Hebbian coupling between elements of the hidden representation. Our results thus shed light on the physics of learning in the direction of alignment between biological and artificial intelligence systems. Using the current framework, the deep network can assimilate new information into existing knowledge structures while reducing representation interference.
cnn transformer Chinese Academy of Sciences · University of Science and Technology of China · Sun Yat-Sen University
ML Security Papers