Distance Metric Learning has been used or paired with SoftMax Cross-Entropy loss to increase the discriminative power of deep learning classifiers against adversarial attacks. Most distance metric learning-based methods for adversarial detection adopt the standard Mahalanobis distance which only encodes the relative position information and therefore cannot capture the entire shape of complex data. In this research, we propose an alternative metric learning approach for adversarial sample classification. This approach integrates relative information as well as absolute pairwise information into a differentiable decision tree representation to guarantee a more robust classifier. We term this metric learning approach as differentiable decision tree pairwise metric learning (DTML). We demonstrate that DTML is more robust even under strong adversarial untargeted attacks compared with the single Mahalanobis distance-based defending methods on MNIST, CIFAR-10, and KDDCUP99 datasets.

远程度量学习已被使用或与SoftMax交叉熵损失配合使用，以增强深度学习分类器对付对抗性攻击的判别能力。大多数基于距离度量学习的对抗性检测方法都采用标准的Mahalanobis距离，该距离仅对相对位置信息进行编码，因此无法捕获复杂数据的整个形状。在这项研究中，我们提出了一种用于对抗性样本分类的替代度量学习方法。这种方法将相对信息以及绝对的成对信息集成到可区分的决策树表示中，以确保分类器更强大。我们称这种度量学习方法为可区分的决策树成对度量学习（DTML）。