Adversarial Robustness through Disentangled Representations

Despite the remarkable empirical performance of deep learning models, their vulnerability to adversarial examples has been revealed in many studies. They are prone make a susceptible prediction input with imperceptible perturbation. Although recent works have remarkably improved model's robustness under training strategy, an evident gap between natural accuracy and inevitably exists. In order mitigate this problem, paper, we assume that robust non-robust representations two basic ingredients entangled integral representation. For achieving robustness, should be disentangled from part alignment can bridge robustness. Inspired by motivation, propose novel defense method called Deep Robust Representation Disentanglement Network (DRRDN). Specifically, DRRDN employs disentangler extract align both examples. Theoretical analysis guarantees mitigation trade-off good disentanglement performance. Experimental results on benchmark datasets finally demonstrate superiority our method.