[2512.20821] Divided We Fall: Defending Against Adversarial Attacks via Soft-Gated Fractional Mixture-of-Experts with Randomized Adversarial Training
Summary
The paper presents a novel defense mechanism against adversarial attacks in machine learning using a soft-gated fractional mixture-of-experts architecture, demonstrating improved robustness over existing methods.
Why It Matters
As machine learning models become increasingly integral to various applications, their vulnerability to adversarial attacks poses significant risks. This research offers a promising solution that enhances model security, which is crucial for real-world deployment in sensitive areas like finance and healthcare.
Key Takeaways
- Introduces a defense system utilizing a mixture-of-experts architecture.
- Demonstrates superior performance against white-box evasion attacks compared to existing methods.
- Employs randomized adversarial training to enhance model robustness.
- Uses nine pre-trained classifiers (experts) with ResNet-18 as their backbone.
- Validates effectiveness on benchmark datasets CIFAR-10 and SVHN.
Computer Science > Machine Learning
arXiv:2512.20821 (cs)
[Submitted on 23 Dec 2025 (v1), last revised 22 Feb 2026 (this version, v2)]
Authors: Mohammad Meymani, Roozbeh Razavi-Far
Abstract: Machine learning is a powerful tool enabling full automation of a huge number of tasks without explicit programming. Despite recent progress of machine learning in different domains, these models have shown vulnerabilities when they are exposed to adversarial threats. Adversarial threats aim to hinder the machine learning models from satisfying their objectives. They can create adversarial perturbations, which are imperceptible to humans' eyes but have the ability to cause misclassification during inference. In this paper, we propose a defense system, which devises an adversarial training module within mixture-of-experts architecture to enhance its robustness against white-box evasion attacks. In our proposed defense system, we use nine pre-trained classifiers (experts) with ResNet-18 as their backbone. During end-to-end training, the parameters of all experts and the gating mechanism are jointly updated allowing ...