We have seen how MAML is used to find the optimal parameter θ that is generalizable across tasks. Now, we will see a variant of MAML called ADML, which makes use of both clean and adversarial samples to find the better and robust initial model parameter θ. Before going ahead, let's understand what adversarial samples are. Adversarial samples are obtained as a result of adversarial attacks. Let's say we have an image; an adversarial attack consists of slightly modifying this image in such a way that it is not detectable to our eyes, and this modified image is called adversarial image. When we feed this adversarial image to the model, it fails to classify it correctly. There are several different adversarial attacks used to get the adversarial samples. We will see one of the commonly used methods called Fast Gradient Sign Method (FGSM).