Curriculum Optimisation via Evolutionary Computation, for a Neural Learner Robust to Categorical Adversarial Samples

In this paper we evolve curricula for improving the training accuracy of an agent that learns under the influence of adversarial alteration of training data, since adversarial influence is highly likely to be encountered in many defence and security operations. We consider categorical adversarial influence, where a fraction of the training samples is intentionally labelled with erroneous categories in order to misguide the learner towards malicious outcomes that jeopardise the mission success. Thus, we consider a supervised learning agent in the form of a deep convolutional neural network which learns to classify handwritten digits from 0 to 9, and we use a mutation-only genetic algorithm that evolves the sequence of the data samples in the training set (including the adversarial samples) in order to mitigate the influence of the adversarial samples on learning accuracy. We demonstrate that the genetic algorithm is able to obtain optimal curricula that provide the learner with the capability to perform well even when 20% of the training data are erroneously labelled.