It begins with a boundary: A geometric view on probabilistically robust learning
Keywords: probabilistically robust learning, adversarial attacks, existence of solutions, nonlocal perimeters, regularization
TL;DR: This paper investigates geometric aspects of Probabilistically Robust Learning, by introducing and analyzing nonlocal perimeter regularization,
Abstract: Although deep neural networks have achieved super-human performance on many classification tasks, they often exhibit a worrying lack of robustness towards adversarially generated examples. Thus, considerable effort has been invested into reformulating Empirical Risk Minimization (ERM) into an adversarially robust framework. Recently, attention has shifted towards approaches which interpolate between the robustness offered by adversarial training and the higher clean accuracy and faster training times of ERM. In this paper, we take a fresh and geometric view on one such method---Probabilistically Robust Learning (PRL) (Robey et al., ICML, 2022). We propose a geometric framework for understanding PRL, which allows us to identify a subtle flaw in its original formulation and to introduce a family of probabilistic nonlocal perimeter functionals to address this. We prove existence of solutions using novel relaxation methods and study properties as well as local limits of the introduced perimeters.
Supplementary Material: zip
Submission Number: 6592
Loading