@inproceedings{205c50e532704dc9a03d43e24cb00d36,
title = "CARTL: Cooperative Adversarially-Robust Transfer Learning",
abstract = "Transfer learning eases the burden of training a well-performed model from scratch, especially when training data is scarce and computation power is limited. In deep learning, a typical strategy for transfer learning is to freeze the early layers of a pre-trained model and fine-tune the rest of its layers on the target domain. Previous work focuses on the accuracy of the transferred model but neglects the transfer of adversarial robustness. In this work, we first show that transfer learning improves the accuracy on the target domain but degrades the inherited robustness of the target model. To address such a problem, we propose a novel cooperative adversarially-robust transfer learning (CARTL) by pre-training the model via feature distance minimization and fine-tuning the pre-trained model with non-expansive fine-tuning for target domain tasks. Empirical results show that CARTL improves the inherited robustness by about 28\% at most compared with the baseline with the same degree of accuracy. Furthermore, we study the relationship between the batch normalization (BN) layers and the robustness in the context of transfer learning, and we reveal that freezing BN layers can further boost the robustness transfer.",
author = "Dian Chen and Hongxin Hu and Qian Wang and Yinli Li and Cong Wang and Chao Shen and Qi Li",
note = "Publisher Copyright: Copyright {\textcopyright} 2021 by the author(s); 38th International Conference on Machine Learning, ICML 2021 ; Conference date: 18-07-2021 Through 24-07-2021",
year = "2021",
language = "英语",
series = "Proceedings of Machine Learning Research",
publisher = "ML Research Press",
pages = "1640--1650",
booktitle = "Proceedings of the 38th International Conference on Machine Learning, ICML 2021",
}