← Back to papers
2022 NIPS NeurIPS 2022

Phase Transition from Clean Training to Adversarial Training

Abstract

Adversarial training is one important algorithm to achieve robust machine learning models. However, numerous empirical results show a great performance degradation from clean training to adversarial training (e.g., 90+\% vs 67\% testing accuracy on CIFAR-10 dataset), which does not match the theoretical guarantee delivered by the existing studies. Such a gap inspires us to explore the existence of an (asymptotic) phase transition phenomenon with respect to the attack strength: adversarial training is as well behaved as clean training in the small-attack regime, but there is a sharp transition from clean training to adversarial training in the large-attack regime. We validate this conjecture in linear regression models, and conduct comprehensive experiments in deep neural networks.

🌉 Interdisciplinary Bridge — Deep Learning and Machine Learning
🧭 Keyword Pioneer — clean training
🐣 Hot Topic Early Bird — robust learning
🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Robotics, Security & Privacy, Speech & Audio

Authors

Yue Xing , Qifan Song , Guang Cheng

Topics

Machine Learning > Learning Types > Adversarial Learning Machine Learning > Optimization & Theory > Theory Deep Learning > Learning Types > Adversarial Learning Deep Learning > Optimization & Theory > Theory Machine Learning > Learning Types > Robustness

Keywords

adversarial training robust learning phase transition clean training neural network attack strength
Download PDF

Related papers

Transferring Pre-trained Multimodal Representations with Cross-modal Similarity Matching 2022
A Theoretical View on Sparsely Activated Networks 2022
Prune and distill: similar reformatting of image information along rat visual cortex and deep neural networks 2022
Matryoshka Representation Learning 2022
Off-Policy Evaluation with Deficient Support Using Side Information 2022