Understanding and Mitigating the Tradeoff Between Robustness and Accuracy

• URL: http://arxiv.org/abs/2002.10716v2
• Date: Mon, 6 Jul 2020 21:03:23 GMT
• Title: Understanding and Mitigating the Tradeoff Between Robustness and Accuracy
• Authors: Aditi Raghunathan, Sang Michael Xie, Fanny Yang, John Duchi and Percy Liang
• Abstract summary: Adversarial training augments the training set with perturbations to improve the robust error. We show that the standard error could increase even when the augmented perturbations have noiseless observations from the optimal linear predictor.
• Score: 88.51943635427709
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Adversarial training augments the training set with perturbations to improve the robust error (over worst-case perturbations), but it often leads to an increase in the standard error (on unperturbed test inputs). Previous explanations for this tradeoff rely on the assumption that no predictor in the hypothesis class has low standard and robust error. In this work, we precisely characterize the effect of augmentation on the standard error in linear regression when the optimal linear predictor has zero standard and robust error. In particular, we show that the standard error could increase even when the augmented perturbations have noiseless observations from the optimal linear predictor. We then prove that the recently proposed robust self-training (RST) estimator improves robust error without sacrificing standard error for noiseless linear regression. Empirically, for neural networks, we find that RST with different adversarial training methods improves both standard and robust error for random and adversarial rotations and adversarial $\ell_\infty$ perturbations in CIFAR-10.

Related papers

• Generalized Gaussian Temporal Difference Error for Uncertainty-aware Reinforcement Learning [0.19418036471925312]
  We introduce a novel framework for generalized Gaussian error modeling in deep reinforcement learning. Our framework enhances the flexibility of error distribution modeling by incorporating additional higher-order moment, particularly kurtosis.
  arXiv  Detail & Related papers  (2024-08-05T08:12:25Z)
• Non-Asymptotic Uncertainty Quantification in High-Dimensional Learning [5.318766629972959]
  Uncertainty quantification is a crucial but challenging task in many high-dimensional regression or learning problems. We develop a new data-driven approach for UQ in regression that applies both to classical regression approaches as well as to neural networks.
  arXiv  Detail & Related papers  (2024-07-18T16:42:10Z)
• Selective Learning: Towards Robust Calibration with Dynamic Regularization [79.92633587914659]
  Miscalibration in deep learning refers to there is a discrepancy between the predicted confidence and performance. We introduce Dynamic Regularization (DReg) which aims to learn what should be learned during training thereby circumventing the confidence adjusting trade-off.
  arXiv  Detail & Related papers  (2024-02-13T11:25:20Z)
• Learning Sample Difficulty from Pre-trained Models for Reliable Prediction [55.77136037458667]
  We propose to utilize large-scale pre-trained models to guide downstream model training with sample difficulty-aware entropy regularization. We simultaneously improve accuracy and uncertainty calibration across challenging benchmarks.
  arXiv  Detail & Related papers  (2023-04-20T07:29:23Z)
• Optimization Variance: Exploring Generalization Properties of DNNs [83.78477167211315]
  The test error of a deep neural network (DNN) often demonstrates double descent. We propose a novel metric, optimization variance (OV), to measure the diversity of model updates.
  arXiv  Detail & Related papers  (2021-06-03T09:34:17Z)
• Precise Statistical Analysis of Classification Accuracies for Adversarial Training [43.25761725062367]
  A variety of recent adversarial training procedures have been proposed to remedy this issue. We derive a precise characterization of the standard and robust accuracy for a class of minimax adversarially trained models.
  arXiv  Detail & Related papers  (2020-10-21T18:00:53Z)
• Discriminative Jackknife: Quantifying Uncertainty in Deep Learning via Higher-Order Influence Functions [121.10450359856242]
  We develop a frequentist procedure that utilizes influence functions of a model's loss functional to construct a jackknife (or leave-one-out) estimator of predictive confidence intervals. The DJ satisfies (1) and (2), is applicable to a wide range of deep learning models, is easy to implement, and can be applied in a post-hoc fashion without interfering with model training or compromising its accuracy.
  arXiv  Detail & Related papers  (2020-06-29T13:36:52Z)
• Calibrated Reliable Regression using Maximum Mean Discrepancy [45.45024203912822]
  Modern deep neural networks still produce unreliable predictive uncertainty. In this paper, we are concerned with getting well-calibrated predictions in regression tasks. Experiments on non-trivial real datasets show that our method can produce well-calibrated and sharp prediction intervals.
  arXiv  Detail & Related papers  (2020-06-18T03:38:12Z)
• Consistency Regularization for Certified Robustness of Smoothed Classifiers [89.72878906950208]
  A recent technique of randomized smoothing has shown that the worst-case $ell$-robustness can be transformed into the average-case robustness. We found that the trade-off between accuracy and certified robustness of smoothed classifiers can be greatly controlled by simply regularizing the prediction consistency over noise.
  arXiv  Detail & Related papers  (2020-06-07T06:57:43Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.