【摘要】 为防止脆弱样本降低对抗训练模型的鲁棒性和准确率，提出一种从决策边界角度重新加权训练数据的方法。通过迭代搜索获取决策边界附近的对抗样本，由于熵越小，样本的脆弱性越大，为避免扰动干扰和错误分类，提出使用熵评估样本的脆弱性。根据预测分布的熵，按合适的惩罚因子调整每个对抗训练样本的损失，提升脆弱训练样本的训练强度，提升模型的鲁棒性。实验结果表明，所提算法在保持模型准确率的同时，能够显著提高模型的对抗鲁棒性。更多还原

【Abstract】 In the process of adversarial training, different samples have different effects on the robustness of the model, and fra-gile samples will reduce the robustness and accuracy of the model. To solve this problem, a method of reweighting the training data from the perspective of decision boundary was proposed. The smaller the entropy is, the greater the vulnerability of the sample is, and it is more prone to be disturbed and misclassified. Therefore, in the training process, the adversarial samples near the decision boundary were obtained by iterative search. According to the entropy of the prediction distribution, the loss of each adversarial training sample was adjusted by an appropriate penalty factor to improve the training intensity of vulnerable training samples, so as to improve the robustness of the model. Experimental results show that the proposed algorithm significantly improves the adversarial robustness of the model while maintaining the accuracy of the model.更多还原