Theoretical evidence for adversarial robustness through randomization
| dc.contributor.author | Pinot, Rafaël | |
| dc.contributor.author | Meunier, Laurent | |
| dc.contributor.author | Araújo, Alexandre | |
| dc.contributor.author | Kashima, Hisashi | |
| dc.contributor.author | Yger, Florian
HAL ID: 17768 ORCID: 0000-0002-7182-8062 | |
| dc.contributor.author | Gouy-Pailler, Cedric
HAL ID: 6827 ORCID: 0000-0003-1298-7845 | |
| dc.contributor.author | Atif, Jamal
HAL ID: 15689 | |
| dc.date.accessioned | 2020-10-23T12:12:47Z | |
| dc.date.available | 2020-10-23T12:12:47Z | |
| dc.date.issued | 2019 | |
| dc.identifier.uri | https://basepub.dauphine.fr/handle/123456789/21152 | |
| dc.language.iso | en | en |
| dc.subject | Machine Learning | |
| dc.subject.ddc | 004 | en |
| dc.title | Theoretical evidence for adversarial robustness through randomization | |
| dc.type | Communication / Conférence | |
| dc.description.abstracten | This paper investigates the theory of robustness against adversarial attacks. It focuses on the family of randomization techniques that consist in injecting noise in the network at inference time. These techniques have proven effective in many contexts, but lack theoretical arguments. We close this gap by presenting a theoretical analysis of these approaches, hence explaining why they perform well in practice. More precisely, we make two new contributions. The first one relates the randomization rate to robustness to adversarial attacks. This result applies for the general family of exponential distributions, and thus extends and unifies the previous approaches. The second contribution consists in devising a new upper bound on the adversarial generalization gap of randomized neural networks. We support our theoretical claims with a set of experiments. | |
| dc.identifier.urlsite | https://hal.archives-ouvertes.fr/hal-02892188 | |
| dc.subject.ddclabel | Informatique générale | en |
| dc.relation.conftitle | 33rd Conference on Neural Information Processing Systems (NIPS 2019) | |
| dc.relation.confdate | 2019-12 | |
| dc.relation.confcity | Vancouver | |
| dc.relation.confcountry | CANADA | |
| dc.relation.forthcoming | non | en |
| dc.description.ssrncandidate | non | |
| dc.description.halcandidate | non | |
| dc.description.readership | recherche | |
| dc.description.audience | International | |
| dc.date.updated | 2021-01-12T15:15:08Z |
Files in this item
| Files | Size | Format | View |
|---|---|---|---|
|
There are no files associated with this item. |
|||
This item appears in the following Collection(s)
Related items
Showing items related by title and author.
-
(2019) Communication / Conférence
-
(2019) Communication / Conférence
-
(2018) Communication / Conférence
-
(2020) Communication / Conférence
-
(2017) Communication / Conférence
