Gaussian class-conditional simplex loss for accurate, adversarially robust deep classifier training

Abstract In this work, we present the Gaussian Class-Conditional Simplex (GCCS) loss: a novel approach for training deep robust multiclass classifiers that improves over state-of-the-art in terms of classification accuracy and adversarial robustness, with little extra cost network training. The proposed method learns mapping input classes onto target distributions latent space such hyperplane can be used as optimal decision surface. Instead maximizing likelihood labels individual samples, our loss function pushes to produce feature yielding high inter-class separation low intra-class separation. mean values learned are centered on vertices simplex each class is at same distance from every other class. We show regularization based yields excellent accuracy. Moreover, GCCS provides improved robustness against perturbations, outperforming models trained conventional (AT). particular, model minimizes presence short paths toward neighboring regions. provide comprehensive empirical evaluation shows how outperforms approaches challenging datasets targeted untargeted gradient-based, well gradient-free attacks, both robustness.