Narrowing Class-Wise Robustness Gaps in Adversarial Training
By: Fatemeh Amerehi, Patrick Healy
Potential Business Impact:
Makes AI more accurate at prediction, even on tricky data.
Efforts to counter the accuracy drops caused by distribution shifts often rely on data-augmentation strategies. Adversarial training is one such method, designed to improve robustness to worst-case distribution shifts caused by adversarial examples. While it can improve robustness, it may also hinder generalization to clean examples and exacerbate performance imbalances across classes. This paper examines the impact of adversarial training on both overall and class-specific performance, as well as its spill-over effects. We observe that enhanced labeling during training boosts adversarial robustness by 53.50% and mitigates class imbalances by 5.73%, leading to improved accuracy in both clean and adversarial settings compared to standard adversarial training.
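To make the idea of adversarial training concrete, here is a minimal, hypothetical sketch: a logistic-regression model trained on FGSM-style perturbed inputs (each example is nudged in the direction that increases the loss) rather than clean ones. All names, hyperparameters, and the toy data are illustrative assumptions, not the paper's actual method or settings.

```python
import math

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def fgsm_perturb(x, y, w, b, eps):
    """FGSM step: move x by eps in the sign of the loss gradient w.r.t. x,
    i.e. the direction that most increases the log-loss."""
    p = sigmoid(w * x + b)
    grad_x = (p - y) * w  # d(log-loss)/dx for logistic regression
    sign = 1.0 if grad_x > 0 else -1.0 if grad_x < 0 else 0.0
    return x + eps * sign

def adversarial_train(data, epochs=200, lr=0.1, eps=0.1):
    """Standard adversarial training loop (sketch): update the model on
    the perturbed examples instead of the clean ones."""
    w, b = 0.0, 0.0
    for _ in range(epochs):
        for x, y in data:
            x_adv = fgsm_perturb(x, y, w, b, eps)
            p = sigmoid(w * x_adv + b)
            w -= lr * (p - y) * x_adv
            b -= lr * (p - y)
    return w, b

# Toy 1-D data: class 0 clustered near -1, class 1 near +1.
data = [(-1.2, 0), (-0.8, 0), (0.9, 1), (1.1, 1)]
w, b = adversarial_train(data)
```

Training on the perturbed points forces the decision boundary to keep a margin of at least `eps` around each example, which is the robustness mechanism the paper builds on; the class-wise imbalance it studies arises because that margin is harder to maintain for some classes than others.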
Similar Papers
The Impact of Scaling Training Data on Adversarial Robustness
CV and Pattern Recognition
Makes AI smarter and harder to trick.
Are classical deep neural networks weakly adversarially robust?
CV and Pattern Recognition
Finds fake images by following their "feature paths."
Stability and Generalization of Adversarial Diffusion Training
Machine Learning (CS)
Makes AI learn better even when tricked.