CISPA

Generating Less Certain Adversarial Examples Improves Robust Generalization

journal contribution
posted on 2024-10-22, 09:24 authored by Minxing Zhang, Michael Backes, Xiao Zhang
This paper revisits the robust overfitting phenomenon of adversarial training. Observing that models with better robust generalization performance are less certain in predicting adversarially generated training inputs, we argue that overconfidence in predicting adversarial examples is a potential cause. Therefore, we hypothesize that generating less certain adversarial examples improves robust generalization, and propose a formal definition of adversarial certainty that captures the variance of the model's predicted logits on adversarial examples. Our theoretical analysis of synthetic distributions characterizes the connection between adversarial certainty and robust generalization. Accordingly, built upon the notion of adversarial certainty, we develop a general method to search for models that can generate training-time adversarial inputs with reduced certainty, while maintaining the model's capability in distinguishing adversarial examples. Extensive experiments on image benchmarks demonstrate that our method effectively learns models with consistently improved robustness and mitigates robust overfitting, confirming the importance of generating less certain adversarial examples for robust generalization.

Primary Research Area

  • Trustworthy Information Processing

Journal

Transactions on Machine Learning Research (TMLR)

Sub Type

  • Article

BibTeX

@article{Zhang:Backes:Zhang:2024,
  title = "Generating Less Certain Adversarial Examples Improves Robust Generalization",
  author = "Zhang, Minxing and Backes, Michael and Zhang, Xiao",
  year = 2024,
  month = 10,
  journal = "Transactions on Machine Learning Research (TMLR)"
}
