Implications of Solution Patterns on Adversarial Robustness

Liang, Hengyue; Liang, Buyun; Sun, Ju; Cui, Ying; Mitchell, Tim

Hengyue Liang, Buyun Liang, Ju Sun, Ying Cui, Tim Mitchell; Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) Workshops, 2023, pp. 2393-2400

Abstract

Empirical robustness evaluation (RE) of deep learning models against adversarial perturbations involves solving non-trivial constrained optimization problems. Recent works have shown that these RE problems can be reliably solved by a general-purpose constrained-optimization solver PyGRANSO with Constraint-Folding (PWCF). In this paper, we take advantage of PWCF and other existing numerical RE algorithms to explore the distinct solution patterns in solving the RE problems with various combinations of losses, perturbation models, and optimization algorithms. We then provide extensive discussions on the implications of these patterns on current robustness evaluation and adversarial training.

Related Material

[pdf]

[bibtex]

@InProceedings{Liang_2023_CVPR, author = {Liang, Hengyue and Liang, Buyun and Sun, Ju and Cui, Ying and Mitchell, Tim}, title = {Implications of Solution Patterns on Adversarial Robustness}, booktitle = {Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) Workshops}, month = {June}, year = {2023}, pages = {2393-2400} }