The robustness of deep neural networks (DNNs) is critical and challenging to ensure. In this paper, we propose a general data-oriented mutation framework, called STYX, to improve the robustness of DNNs. STYX generates new training data by slightly mutating the existing training data. In this way, STYX ensures the DNN’s accuracy on the test dataset while improving its adaptability to small perturbations, i.e., improving its robustness. We have instantiated STYX for image classification and proposed pixel-level mutation rules that are applicable to any image classification DNN. We have applied STYX to several commonly used benchmarks and compared it with representative adversarial training methods. The experimental results indicate that STYX can improve robustness while ensuring test accuracy, and that, compared with adversarial training methods, STYX achieves an order-of-magnitude improvement in training efficiency.

The work is presented in [1], and the prototype tool STYX is provided in [2].



Description Video

Contacts

Please feel free to contact us if you have any problems.