{"id":"https://openalex.org/W4226434329","doi":"https://doi.org/10.1109/tpami.2023.3286772","title":"Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses","display_name":"Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4226434329","doi":"https://doi.org/10.1109/tpami.2023.3286772","pmid":"https://pubmed.ncbi.nlm.nih.gov/37335791"},"language":"en","primary_location":{"id":"doi:10.1109/tpami.2023.3286772","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tpami.2023.3286772","pdf_url":null,"source":{"id":"https://openalex.org/S199944782","display_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","issn_l":"0162-8828","issn":["0162-8828","1939-3539","2160-9292"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","raw_type":"journal-article"},"type":"preprint","indexed_in":["crossref","pubmed"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5041734550","display_name":"Chun Pong Lau","orcid":"https://orcid.org/0000-0003-3748-4160"},"institutions":[{"id":"https://openalex.org/I145311948","display_name":"Johns Hopkins University","ror":"https://ror.org/00za53h95","country_code":"US","type":"education","lineage":["https://openalex.org/I145311948"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Chun Pong Lau","raw_affiliation_strings":["Department of Computer Science, Johns Hopkins University, Baltimore, MD, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Johns Hopkins University, Baltimore, MD, USA","institution_ids":["https://openalex.org/I145311948"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100325209","display_name":"Jiang Liu","orcid":"https://orcid.org/0000-0001-6281-6505"},"institutions":[{"id":"https://openalex.org/I145311948","display_name":"Johns Hopkins University","ror":"https://ror.org/00za53h95","country_code":"US","type":"education","lineage":["https://openalex.org/I145311948"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiang Liu","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Johns Hopkins University, Baltimore, MD, USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Johns Hopkins University, Baltimore, MD, USA","institution_ids":["https://openalex.org/I145311948"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046545544","display_name":"Hossein Souri","orcid":"https://orcid.org/0000-0001-5264-798X"},"institutions":[{"id":"https://openalex.org/I145311948","display_name":"Johns Hopkins University","ror":"https://ror.org/00za53h95","country_code":"US","type":"education","lineage":["https://openalex.org/I145311948"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hossein Souri","raw_affiliation_strings":["Department of Computer Science, Johns Hopkins University, Baltimore, MD, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Johns Hopkins University, Baltimore, MD, USA","institution_ids":["https://openalex.org/I145311948"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102311216","display_name":"Wei-An Lin","orcid":null},"institutions":[{"id":"https://openalex.org/I1306409833","display_name":"Adobe Systems (United States)","ror":"https://ror.org/059tvcg64","country_code":"US","type":"company","lineage":["https://openalex.org/I1306409833"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wei-An Lin","raw_affiliation_strings":["Adobe, USA"],"affiliations":[{"raw_affiliation_string":"Adobe, USA","institution_ids":["https://openalex.org/I1306409833"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025450606","display_name":"Soheil Feizi","orcid":"https://orcid.org/0000-0003-0944-8242"},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Soheil Feizi","raw_affiliation_strings":["Department of Computer Science, University of Maryland, College Park, College Park, MD, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Maryland, College Park, College Park, MD, USA","institution_ids":["https://openalex.org/I66946132"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102762707","display_name":"Rama Chellappa","orcid":"https://orcid.org/0000-0002-7638-1650"},"institutions":[{"id":"https://openalex.org/I145311948","display_name":"Johns Hopkins University","ror":"https://ror.org/00za53h95","country_code":"US","type":"education","lineage":["https://openalex.org/I145311948"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rama Chellappa","raw_affiliation_strings":["Department of Electrical and Computer Engineering and the Department of Biomedical Engineering, Johns Hopkins University, Baltimore, MD, USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering and the Department of Biomedical Engineering, Johns Hopkins University, Baltimore, MD, USA","institution_ids":["https://openalex.org/I145311948"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5041734550"],"corresponding_institution_ids":["https://openalex.org/I145311948"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.00294629,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"45","issue":"11","first_page":"1","last_page":"14"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9544000029563904,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7949076890945435},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.7350044250488281},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6928187608718872},{"id":"https://openalex.org/keywords/overfitting","display_name":"Overfitting","score":0.6803624033927917},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6077839136123657},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.585422933101654},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5506125688552856},{"id":"https://openalex.org/keywords/generalization","display_name":"Generalization","score":0.47117263078689575},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.388483464717865},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.20437756180763245},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.09362423419952393}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7949076890945435},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.7350044250488281},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6928187608718872},{"id":"https://openalex.org/C22019652","wikidata":"https://www.wikidata.org/wiki/Q331309","display_name":"Overfitting","level":3,"score":0.6803624033927917},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6077839136123657},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.585422933101654},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5506125688552856},{"id":"https://openalex.org/C177148314","wikidata":"https://www.wikidata.org/wiki/Q170084","display_name":"Generalization","level":2,"score":0.47117263078689575},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.388483464717865},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.20437756180763245},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.09362423419952393},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tpami.2023.3286772","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tpami.2023.3286772","pdf_url":null,"source":{"id":"https://openalex.org/S199944782","display_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","issn_l":"0162-8828","issn":["0162-8828","1939-3539","2160-9292"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","raw_type":"journal-article"},{"id":"pmid:37335791","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/37335791","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE transactions on pattern analysis and machine intelligence","raw_type":null}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":64,"referenced_works":["https://openalex.org/W1536680647","https://openalex.org/W2160815625","https://openalex.org/W2194775991","https://openalex.org/W2618530766","https://openalex.org/W2774644650","https://openalex.org/W2778624544","https://openalex.org/W2911290743","https://openalex.org/W2962785568","https://openalex.org/W2962858109","https://openalex.org/W2963034614","https://openalex.org/W2963501948","https://openalex.org/W2963857521","https://openalex.org/W2987875759","https://openalex.org/W2998293245","https://openalex.org/W3034537217","https://openalex.org/W3035743198","https://openalex.org/W3193615289","https://openalex.org/W4200633541","https://openalex.org/W4226232092","https://openalex.org/W4321194444","https://openalex.org/W6635084905","https://openalex.org/W6640425456","https://openalex.org/W6714644935","https://openalex.org/W6719080892","https://openalex.org/W6739868092","https://openalex.org/W6741036071","https://openalex.org/W6743428213","https://openalex.org/W6745136726","https://openalex.org/W6748204703","https://openalex.org/W6748475379","https://openalex.org/W6748582592","https://openalex.org/W6748799766","https://openalex.org/W6752910514","https://openalex.org/W6754438973","https://openalex.org/W6754646375","https://openalex.org/W6754733991","https://openalex.org/W6755310938","https://openalex.org/W6755609140","https://openalex.org/W6757555829","https://openalex.org/W6758684365","https://openalex.org/W6759129252","https://openalex.org/W6759334943","https://openalex.org/W6760184523","https://openalex.org/W6763151900","https://openalex.org/W6765694979","https://openalex.org/W6767575966","https://openalex.org/W6768008261","https://openalex.org/W6768030517","https://openalex.org/W6769624263","https://openalex.org/W6771156899","https://openalex.org/W6771809012","https://openalex.org/W6772291365","https://openalex.org/W6772461460","https://openalex.org/W6774076947","https://openalex.org/W6774127024","https://openalex.org/W6774469542","https://openalex.org/W6774681163","https://openalex.org/W6779168791","https://openalex.org/W6779628750","https://openalex.org/W6782844408","https://openalex.org/W6787972765","https://openalex.org/W6791498647","https://openalex.org/W6853137427","https://openalex.org/W6853185356"],"related_works":["https://openalex.org/W349990","https://openalex.org/W6229082","https://openalex.org/W13426584","https://openalex.org/W1323832","https://openalex.org/W12824513","https://openalex.org/W482614","https://openalex.org/W722847","https://openalex.org/W803423","https://openalex.org/W1319706","https://openalex.org/W547392"],"abstract_inverted_index":{"Adversarial":[0,138],"training":[1],"(AT)":[2],"is":[3,151],"considered":[4],"to":[5,29,163,174],"be":[6,156],"one":[7],"of":[8,121,181],"the":[9,55,62,85,94,111,119,122,179],"most":[10],"reliable":[11],"defenses":[12],"against":[13],"adversarial":[14,38,104],"attacks.":[15,31],"However,":[16,54],"models":[17,43],"trained":[18],"with":[19,37,89,169],"AT":[20,172],"sacrifice":[21],"standard":[22,145,165],"accuracy":[23,166],"and":[24,106,125,128,148,154,167,190],"do":[25],"not":[26],"generalize":[27],"well":[28],"unseen":[30,41],"Recent":[32],"works":[33],"show":[34,133],"generalization":[35],"improvement":[36],"samples":[39],"under":[40],"threat":[42,47,52,75],"such":[44],"as":[45,158],"on-manifold":[46],"model":[48,76],"or":[49],"neural":[50],"perceptual":[51],"model.":[53],"former":[56],"requires":[57,64],"exact":[58,95],"manifold":[59,87,96],"information":[60,88],"while":[61],"latter":[63],"algorithm":[65],"relaxation.":[66],"Motivated":[67],"by":[68],"these":[69],"considerations,":[70],"we":[71,101,109,117],"propose":[72,110],"a":[73,159],"novel":[74,103],"called":[77],"Joint":[78,136],"Space":[79,137],"Threat":[80],"Model":[81],"(JSTM),":[82],"which":[83,116],"exploits":[84],"underlying":[86],"Normalizing":[90],"Flow,":[91],"ensuring":[92],"that":[93,134],"assumption":[97],"holds.":[98],"Under":[99],"JSTM,":[100],"develop":[102],"attacks":[105],"defenses.":[107],"Specifically,":[108],"Robust":[112],"Mixup":[113],"strategy":[114],"in":[115,144],"maximize":[118],"adversity":[120],"interpolated":[123],"images":[124],"gain":[126],"robustness":[127],"prevent":[129],"overfitting.":[130],"Our":[131],"experiments":[132],"Interpolated":[135],"Training":[139],"(IJSAT)":[140],"achieves":[141],"good":[142],"performance":[143],"accuracy,":[146],"robustness,":[147],"generalization.":[149],"IJSAT":[150],"also":[152],"flexible":[153],"can":[155],"used":[157],"data":[160],"augmentation":[161],"method":[162],"improve":[164,175],"combined":[168],"many":[170],"existing":[171],"approaches":[173],"robustness.":[176],"We":[177],"demonstrate":[178],"effectiveness":[180],"our":[182],"approach":[183],"on":[184],"three":[185],"benchmark":[186],"datasets,":[187],"CIFAR-10/100,":[188],"OM-ImageNet":[189],"CIFAR-10-C.":[191]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2022-05-05T00:00:00"}