This project was developed as the Final Project for the Introduction to Machine Learning (CS680) course at the University of Waterloo.
In this study, we investigated the use of Fast Adversarial Training (FAST-AT) and Fast Bi-level AT (FAST-BAT) to defend against adversarial patch attacks. Our results showed that models trained using these methods significantly increased their accuracy when subjected to adversarial patch attacks, indicating that they had gained robustness against these attacks despite not being explicitly trained to defend against them. These findings demonstrate the potential of FAST-AT and FAST-BAT to enhance the robustness of Deep Neural Networks against a variety of adversarial attacks.