{
  "id": "1807.10454",
  "version": "v1",
  "published": "2018-07-27T06:50:43.000Z",
  "updated": "2018-07-27T06:50:43.000Z",
  "title": "From Adversarial Training to Generative Adversarial Networks",
  "authors": [
    "Xuanqing Liu",
    "Cho-Jui Hsieh"
  ],
  "comment": "NIPS 2018 submission, under review",
  "categories": [
    "cs.LG",
    "cs.AI",
    "stat.ML"
  ],
  "abstract": "In this paper, we are interested in two seemingly different concepts: \\textit{adversarial training} and \\textit{generative adversarial networks (GANs)}. Particularly, how these techniques help to improve each other. To this end, we analyze the limitation of adversarial training as the defense method, starting from questioning how well the robustness of a model can generalize. Then, we successfully improve the generalizability via data augmentation by the ``fake'' images sampled from generative adversarial networks. After that, we are surprised to see that the resulting robust classifier leads to a better generator, for free. We intuitively explain this interesting phenomenon and leave the theoretical analysis for future work. Motivated by these observations, we propose a system that combines generator, discriminator, and adversarial attacker in a single network. After end-to-end training and fine tuning, our method can simultaneously improve the robustness of classifiers, measured by accuracy under strong adversarial attacks; and the quality of generators, evaluated both aesthetically and quantitatively. In terms of the classifier, we achieve better robustness than the state-of-the-art adversarial training algorithm proposed in (Madry etla., 2017), while our generator achieves competitive performance compared with SN-GAN (Miyato and Koyama, 2018). Source code is publicly available online at \\url{https://github.com/anonymous}.",
  "revisions": [
    {
      "version": "v1",
      "updated": "2018-07-27T06:50:43.000Z"
    }
  ],
  "analyses": {
    "keywords": [
      "generative adversarial networks",
      "strong adversarial attacks",
      "achieve better robustness",
      "state-of-the-art adversarial training algorithm",
      "generator achieves competitive performance"
    ],
    "note": {
      "typesetting": "TeX",
      "pages": 0,
      "language": "en",
      "license": "arXiv",
      "status": "editable"
    }
  }
}