arXiv:2510.27245v1 Announce Type: new 
Abstract: In recent times, deep neural networks (DNNs) have been successfully adopted for various applications. Despite their notable achievements, it has become evident that DNNs are vulnerable to sophisticated adversarial attacks, restricting their applications in security-critical systems. In this paper, we present two-phase training methods to tackle the attack: first, training the denoising network, and second, the deep classifier model. We propose a novel denoising strategy that integrates both spatial and frequency domain approaches to defend against adversarial attacks on images. Our analysis reveals that high-frequency components of attacked images are more severely corrupted compared to their lower-frequency counterparts. To address this, we leverage Discrete Wavelet Transform (DWT) for frequency analysis and develop a denoising network that combines spatial image features with wavelets through a transformer layer. Next, we retrain the classifier using the denoised images, which enhances the classifier's robustness against adversarial attacks. Experimental results across the MNIST, CIFAR-10, and Fashion-MNIST datasets reveal that the proposed method remarkably elevates classification accuracy, substantially exceeding the performance by utilizing a denoising network and adversarial training approaches. The code is available at https://github.com/Mayank94/Trans-Defense.

تقدم ورقة جديدة طريقة تدريب من مرحلتين تهدف إلى تعزيز مقاومة الشبكات العصبية العميقة ضد الهجمات العدائية. هذا مهم لأن الشبكات العصبية العميقة قد أظهرت وعدًا كبيرًا في تطبيقات متنوعة، لكن ضعفها أمام هذه الهجمات يمثل خطرًا جادًا، خاصة في البيئات الحساسة للأمان. من خلال التركيز على تدريب شبكة إزالة الضوضاء تليها نموذج مصنف عميق، يسعى المؤلفون إلى تحسين موثوقية هذه الأنظمة، مما يجعلها أكثر أمانًا للاستخدام في العالم الحقيقي.

Un nuevo artículo presenta un método de entrenamiento en dos fases destinado a mejorar la resistencia de las redes neuronales profundas contra ataques adversariales. Esto es significativo porque, aunque las DNN han demostrado ser prometedoras en diversas aplicaciones, su vulnerabilidad a tales ataques representa un riesgo serio, especialmente en entornos críticos para la seguridad. Al centrarse en entrenar una red de eliminación de ruido seguida de un modelo de clasificador profundo, los autores buscan mejorar la fiabilidad de estos sistemas, haciéndolos más seguros para su uso en el mundo real.

Un nouvel article présente une méthode d'entraînement en deux phases visant à renforcer la résilience des réseaux de neurones profonds contre les attaques adversariales. Cela est important car, bien que les DNN aient montré de grandes promesses dans diverses applications, leur vulnérabilité à de telles attaques représente un risque sérieux, en particulier dans des environnements critiques pour la sécurité. En se concentrant sur l'entraînement d'un réseau de débruitage suivi d'un classificateur profond, les auteurs visent à améliorer la fiabilité de ces systèmes, les rendant plus sûrs pour une utilisation dans le monde réel.

A new paper introduces a two-phase training method aimed at enhancing the resilience of deep neural networks against adversarial attacks. This is significant because while DNNs have shown great promise in various applications, their vulnerability to such attacks poses a serious risk, especially in security-critical environments. By focusing on training a denoising network followed by a deep classifier, the authors aim to improve the reliability of these systems, making them safer for real-world use.

Trans-defense: Transformer-based Denoiser for Adversarial Defense with Spatial-Frequency Domain Representation

arXiv:2601.08100v1 Announce Type: new 
Abstract: Understanding the generalization behavior of deep neural networks remains a fundamental challenge in modern statistical learning theory. Among existing approaches, PAC-Bayesian norm-based bounds have demonstrated particular promise due to their data-dependent nature and their ability to capture algorithmic and geometric properties of learned models. However, most existing results rely on isotropic Gaussian posteriors, heavy use of spectral-norm concentration for weight perturbations, and largely architecture-agnostic analyses, which together limit both the tightness and practical relevance of the resulting bounds. To address these limitations, in this work, we propose a unified framework for PAC-Bayesian norm-based generalization by reformulating the derivation of generalization bounds as a stochastic optimization problem over anisotropic Gaussian posteriors. The key to our approach is a sensitivity matrix that quantifies the network outputs with respect to structured weight perturbations, enabling the explicit incorporation of heterogeneous parameter sensitivities and architectural structures. By imposing different structural assumptions on this sensitivity matrix, we derive a family of generalization bounds that recover several existing PAC-Bayesian results as special cases, while yielding bounds that are comparable to or tighter than state-of-the-art approaches. Such a unified framework provides a principled and flexible way for geometry-/structure-aware and interpretable generalization analysis in deep learning.

تشير دراسة جديدة إلى إطار موحد لـ PAC-Bayes للحدود العامة المعتمدة على المعايير، حيث تتناول التحديات المتعلقة بفهم سلوك التعميم في الشبكات العصبية العميقة. تعيد هذه الدراسة صياغة اشتقاق هذه الحدود كمشكلة تحسين عشوائي على توزيعات غاوسية غير متساوية، بهدف تعزيز الصلة العملية للنتائج.

Un nuevo estudio propone un marco PAC-Bayes unificado para los límites de generalización basados en normas, abordando los desafíos de comprender el comportamiento de generalización de las redes neuronales profundas. La investigación reformula la derivación de estos límites como un problema de optimización estocástica sobre posteriors gaussianos anisotrópicos, con el objetivo de mejorar la relevancia práctica de los resultados.

Une nouvelle étude propose un cadre PAC-Bayésien unifié pour les bornes de généralisation basées sur les normes, abordant les défis de la compréhension du comportement de généralisation des réseaux de neurones profonds. La recherche reformule la dérivation de ces bornes comme un problème d'optimisation stochastique sur des postérieurs gaussiens anisotropes, visant à améliorer la pertinence pratique des résultats.

A new study proposes a unified PAC-Bayesian framework for norm-based generalization bounds, addressing the challenges of understanding deep neural networks' generalization behavior. The research reformulates the derivation of these bounds as a stochastic optimization problem over anisotropic Gaussian posteriors, aiming to enhance the practical relevance of the results.

Towards A Unified PAC-Bayesian Framework for Norm-based Generalization Bounds

arXiv:2601.07944v1 Announce Type: new 
Abstract: Since the turn of the century, approximate Bayesian inference has steadily evolved as new computational techniques have been incorporated to handle increasingly complex and large-scale predictive problems. The recent success of deep neural networks and foundation models has now given rise to a new paradigm in statistical modeling, in which Bayesian inference can be amortized through large-scale learned predictors. In amortized inference, substantial computation is invested upfront to train a neural network that can subsequently produce approximate posterior or predictions at negligible marginal cost across a wide range of tasks. At deployment, amortized inference offers substantial computational savings compared with traditional Bayesian procedures, which generally require repeated likelihood evaluations or Monte Carlo simulations for predictions for each new dataset.
  Despite the growing popularity of amortized inference, its statistical interpretation and its role within Bayesian inference remain poorly understood. This paper presents statistical perspectives on the working principles of several major neural architectures, including feedforward networks, Deep Sets, and Transformers, and examines how these architectures naturally support amortized Bayesian inference. We discuss how these models perform structured approximation and probabilistic reasoning in ways that yield controlled generalization error across a wide range of deployment scenarios, and how these properties can be harnessed for Bayesian computation. Through simulation studies, we evaluate the accuracy, robustness, and uncertainty quantification of amortized inference under varying signal-to-noise ratios and distributional shifts, highlighting both its strengths and its limitations.

أظهرت دراسة حديثة فعالية الاستدلال المدعوم في الإحصاءات البايزية، خاصة تحت تغيرات نسبة الإشارة إلى الضوضاء وتحولات التوزيع. تستخدم هذه الطريقة الشبكات العصبية العميقة لتبسيط عملية الاستدلال، مما يسمح بتوفير كبير في الحوسبة مقارنة بالأساليب البايزية التقليدية التي تتطلب تقييمات واسعة لاحتمالية.

Un estudio reciente ha evaluado la efectividad de la inferencia amortizada en estadísticas bayesianas, particularmente bajo variaciones en la relación señal-ruido y cambios en la distribución. Este método aprovecha redes neuronales profundas para agilizar el proceso de inferencia, permitiendo ahorros computacionales significativos en comparación con los enfoques bayesianos tradicionales que requieren evaluaciones extensas de verosimilitud.

Une étude récente a évalué l'efficacité de l'inférence amortie dans les statistiques bayésiennes, en particulier sous des variations de rapport signal-bruit et des changements de distribution. Cette méthode utilise des réseaux de neurones profonds pour rationaliser le processus d'inférence, permettant des économies computationnelles significatives par rapport aux approches bayésiennes traditionnelles qui nécessitent des évaluations de vraisemblance étendues.

A recent study has assessed the effectiveness of amortized inference in Bayesian statistics, particularly under varying signal-to-noise ratios and distribution shifts. This method leverages deep neural networks to streamline the inference process, allowing for significant computational savings compared to traditional Bayesian approaches that require extensive likelihood evaluations.

A Statistical Assessment of Amortized Inference Under Signal-to-Noise Variation and Distribution Shift

One More Thing in AI – Your Shortcut to AI Mastery

Trans-defense: Transformer-based Denoiser for Adversarial Defense with Spatial-Frequency Domain Representation

Was this article worth reading? Share it

One More Thing in AI

Humanize AI

Airparser

LucidQuery AI

Attentive AI

AskTuring

Ready to build your own newsroom?