Abstract
Artificial neural networks (ANN) are widely used machine learning models. Their widespread use has attracted a lot of interest in their robustness. Many studies show that ANN’s performance can be highly vulnerable to input manipulation such as adversarial attacks and covariate drift. Therefore, various techniques that focus on improving ANN’s robustness have been proposed in the last few years. However, most of these works have focused on image data. In this paper, we investigate the role of discretization in improving ANN’s robustness on tabular datasets. Two custom ANN layers, D1-Layer and D2-Layer (collectively called D-Layers), are proposed. The two layers integrate discretization during the training phase to improve ANN’s ability to defend against adversarial attacks. Additionally, D2-Layer integrates dynamic discretization during the testing phase as well, to provide a unified strategy to handle adversarial attacks and covariate drift. The experimental results on 24 publicly available datasets show that our proposed D-Layers add much-needed robustness to ANN for tabular datasets.
Original language | English |
---|---|
Article number | 1 |
Pages (from-to) | 173-205 |
Number of pages | 23 |
Journal | Data Mining and Knowledge Discovery |
Volume | 38 |
Issue number | 1 |
DOIs | |
Publication status | Published - 31 Aug 2023 |