Robust Active Learning: Sample-Efficient Training of Robust Deep
Learning Models
- URL: http://arxiv.org/abs/2112.02542v1
- Date: Sun, 5 Dec 2021 11:13:50 GMT
- Title: Robust Active Learning: Sample-Efficient Training of Robust Deep
Learning Models
- Authors: Yuejun Guo, Qiang Hu, Maxime Cordy, Mike Papadakis, Yves Le Traon
- Abstract summary: We propose emphrobust active learning, an active learning process that integrates adversarial training.
We show that robust active learning can produce models with the robustness (accuracy on adversarial examples) ranging from 2.35% to 63.85%.
Our acquisition function -- named density-based robust sampling with entropy (DRE) -- outperforms the other acquisition functions (including random) in terms of robustness.
- Score: 23.45276407731157
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Active learning is an established technique to reduce the labeling cost to
build high-quality machine learning models. A core component of active learning
is the acquisition function that determines which data should be selected to
annotate. State-of-the-art acquisition functions -- and more largely, active
learning techniques -- have been designed to maximize the clean performance
(e.g. accuracy) and have disregarded robustness, an important quality property
that has received increasing attention. Active learning, therefore, produces
models that are accurate but not robust.
In this paper, we propose \emph{robust active learning}, an active learning
process that integrates adversarial training -- the most established method to
produce robust models. Via an empirical study on 11 acquisition functions, 4
datasets, 6 DNN architectures, and 15105 trained DNNs, we show that robust
active learning can produce models with the robustness (accuracy on adversarial
examples) ranging from 2.35\% to 63.85\%, whereas standard active learning
systematically achieves negligible robustness (less than 0.20\%). Our study
also reveals, however, that the acquisition functions that perform well on
accuracy are worse than random sampling when it comes to robustness. We,
therefore, examine the reasons behind this and devise a new acquisition
function that targets both clean performance and robustness. Our acquisition
function -- named density-based robust sampling with entropy (DRE) --
outperforms the other acquisition functions (including random) in terms of
robustness by up to 24.40\% (3.84\% than random particularly), while remaining
competitive on accuracy. Additionally, we prove that DRE is applicable as a
test selection metric for model retraining and stands out from all compared
functions by up to 8.21\% robustness.
Related papers
- Studying Various Activation Functions and Non-IID Data for Machine Learning Model Robustness [3.641683644638084]
We study the machine learning (ML) model robustness using ten different activation functions through adversarial training.<n>Our proposed centralized adversarial training approach achieves a natural and robust accuracy of 77.08% and 67.96%.<n>In the federated learning environment, however, the robust accuracy decreases significantly, especially on non-IID data.
arXiv Detail & Related papers (2025-12-03T21:03:45Z) - ScoresActivation: A New Activation Function for Model Agnostic Global Explainability by Design [0.815557531820863]
We introduce a novel differentiable approach to global explainability by design.<n>We integrate feature importance estimation directly into model training.<n>Our approach yields globally faithful, stable feature rankings aligned with SHAP values and ground-truth feature importance.
arXiv Detail & Related papers (2025-11-17T18:10:34Z) - Smart Cuts: Enhance Active Learning for Vulnerability Detection by Pruning Hard-to-Learn Data [15.490968013867562]
Vulnerability detection is crucial for identifying security weaknesses in software systems.<n>This paper proposes a novel method to significantly enhance the active learning process by using dataset maps.<n>Our approach systematically identifies samples that are hard-to-learn for a model and integrates this information to create a more sophisticated sample selection strategy.
arXiv Detail & Related papers (2025-06-25T13:50:21Z) - The Surprising Effectiveness of Test-Time Training for Abstract Reasoning [64.36534512742736]
We investigate the effectiveness of test-time training (TTT) as a mechanism for improving models' reasoning capabilities.
TTT significantly improves performance on ARC tasks, achieving up to 6x improvement in accuracy compared to base fine-tuned models.
Our findings suggest that explicit symbolic search is not the only path to improved abstract reasoning in neural language models.
arXiv Detail & Related papers (2024-11-11T18:59:45Z) - STAR: Constraint LoRA with Dynamic Active Learning for Data-Efficient Fine-Tuning of Large Language Models [21.929902181609936]
We propose a novel approach to integrate uncertainty-based active learning and LoRA.
For the uncertainty gap, we introduce a dynamic uncertainty measurement that combines the uncertainty of the base model and the uncertainty of the full model.
For poor model calibration, we incorporate the regularization method during LoRA training to keep the model from being over-confident.
arXiv Detail & Related papers (2024-03-02T10:38:10Z) - Learning Objective-Specific Active Learning Strategies with Attentive
Neural Processes [72.75421975804132]
Learning Active Learning (LAL) suggests to learn the active learning strategy itself, allowing it to adapt to the given setting.
We propose a novel LAL method for classification that exploits symmetry and independence properties of the active learning problem.
Our approach is based on learning from a myopic oracle, which gives our model the ability to adapt to non-standard objectives.
arXiv Detail & Related papers (2023-09-11T14:16:37Z) - Robust Learning with Progressive Data Expansion Against Spurious
Correlation [65.83104529677234]
We study the learning process of a two-layer nonlinear convolutional neural network in the presence of spurious features.
Our analysis suggests that imbalanced data groups and easily learnable spurious features can lead to the dominance of spurious features during the learning process.
We propose a new training algorithm called PDE that efficiently enhances the model's robustness for a better worst-group performance.
arXiv Detail & Related papers (2023-06-08T05:44:06Z) - On the Stability-Plasticity Dilemma of Class-Incremental Learning [50.863180812727244]
A primary goal of class-incremental learning is to strike a balance between stability and plasticity.
This paper aims to shed light on how effectively recent class-incremental learning algorithms address the stability-plasticity trade-off.
arXiv Detail & Related papers (2023-04-04T09:34:14Z) - Frugal Reinforcement-based Active Learning [12.18340575383456]
We propose a novel active learning approach for label-efficient training.
The proposed method is iterative and aims at minimizing a constrained objective function that mixes diversity, representativity and uncertainty criteria.
We also introduce a novel weighting mechanism based on reinforcement learning, which adaptively balances these criteria at each training iteration.
arXiv Detail & Related papers (2022-12-09T14:17:45Z) - Towards Robust Dataset Learning [90.2590325441068]
We propose a principled, tri-level optimization to formulate the robust dataset learning problem.
Under an abstraction model that characterizes robust vs. non-robust features, the proposed method provably learns a robust dataset.
arXiv Detail & Related papers (2022-11-19T17:06:10Z) - Plex: Towards Reliability using Pretrained Large Model Extensions [69.13326436826227]
We develop ViT-Plex and T5-Plex, pretrained large model extensions for vision and language modalities, respectively.
Plex greatly improves the state-of-the-art across reliability tasks, and simplifies the traditional protocol.
We demonstrate scaling effects over model sizes up to 1B parameters and pretraining dataset sizes up to 4B examples.
arXiv Detail & Related papers (2022-07-15T11:39:37Z) - Feeding What You Need by Understanding What You Learned [54.400455868448695]
Machine Reading (MRC) reveals the ability to understand a given text passage and answer questions based on it.
Existing research works in MRC rely heavily on large-size models and corpus to improve the performance evaluated by metrics such as Exact Match.
We argue that a deep understanding of model capabilities and data properties can help us feed a model with appropriate training data.
arXiv Detail & Related papers (2022-03-05T14:15:59Z) - Mitigating Sampling Bias and Improving Robustness in Active Learning [13.994967246046008]
We introduce supervised contrastive active learning by leveraging the contrastive loss for active learning under a supervised setting.
We propose an unbiased query strategy that selects informative data samples of diverse feature representations.
We empirically demonstrate our proposed methods reduce sampling bias, achieve state-of-the-art accuracy and model calibration in an active learning setup.
arXiv Detail & Related papers (2021-09-13T20:58:40Z) - Adversarial Concurrent Training: Optimizing Robustness and Accuracy
Trade-off of Deep Neural Networks [13.041607703862724]
We propose Adversarial Concurrent Training (ACT) to train a robust model in conjunction with a natural model in a minimax game.
ACT achieves 68.20% standard accuracy and 44.29% robustness accuracy under a 100-iteration untargeted attack.
arXiv Detail & Related papers (2020-08-16T22:14:48Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.