Optimal Transport as a Defense Against Adversarial Attacks

less than 1 minute read

We present Sinkhorn Adversarial Training (SAT), a robust adversarial training method based on the latest theory of optimal transport. We also propose a new metric, the Area Under Accuracy Curve (AUAC), to quantify more precisely the robustness of a model to adversarial attacks over a wide range of perturbation sizes.

Paper link
Video presentation
Code