Nash Equilibria and Pitfalls of Adversarial Training in Adversarial Robustness Games

• URL: http://arxiv.org/abs/2210.12606v2
• Date: Tue, 25 Oct 2022 18:05:29 GMT
• Title: Nash Equilibria and Pitfalls of Adversarial Training in Adversarial Robustness Games
• Authors: Maria-Florina Balcan, Rattana Pukdee, Pradeep Ravikumar, Hongyang Zhang
• Abstract summary: We study adversarial training as an alternating best-response strategy in a 2-player zero-sum game. On the other hand, a unique pure Nash equilibrium of the game exists and is provably robust.
• Score: 51.90475640044073
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Adversarial training is a standard technique for training adversarially robust models. In this paper, we study adversarial training as an alternating best-response strategy in a 2-player zero-sum game. We prove that even in a simple scenario of a linear classifier and a statistical model that abstracts robust vs. non-robust features, the alternating best response strategy of such game may not converge. On the other hand, a unique pure Nash equilibrium of the game exists and is provably robust. We support our theoretical results with experiments, showing the non-convergence of adversarial training and the robustness of Nash equilibrium.

Related papers

• Automated Security Response through Online Learning with Adaptive Conjectures [13.33996350474556]
  We study automated security response for an IT infrastructure. We formulate the interaction between an attacker and a defender as a partially observed, non-stationary game.
  arXiv  Detail & Related papers  (2024-02-19T20:06:15Z)
• A Minimaximalist Approach to Reinforcement Learning from Human Feedback [49.45285664482369]
  We present Self-Play Preference Optimization (SPO), an algorithm for reinforcement learning from human feedback. Our approach is minimalist in that it does not require training a reward model nor unstable adversarial training. We demonstrate that on a suite of continuous control tasks, we are able to learn significantly more efficiently than reward-model based approaches.
  arXiv  Detail & Related papers  (2024-01-08T17:55:02Z)
• Balance, Imbalance, and Rebalance: Understanding Robust Overfitting from a Minimax Game Perspective [80.51463286812314]
  Adversarial Training (AT) has become arguably the state-of-the-art algorithm for extracting robust features. AT suffers from severe robust overfitting problems, particularly after learning rate (LR) decay. We show how LR decay breaks the balance between the minimax game by empowering the trainer with a stronger memorization ability.
  arXiv  Detail & Related papers  (2023-10-30T09:00:11Z)
• Finding mixed-strategy equilibria of continuous-action games without gradients using randomized policy networks [83.28949556413717]
  We study the problem of computing an approximate Nash equilibrium of continuous-action game without access to gradients. We model players' strategies using artificial neural networks. This paper is the first to solve general continuous-action games with unrestricted mixed strategies and without any gradient information.
  arXiv  Detail & Related papers  (2022-11-29T05:16:41Z)
• Imbalanced Adversarial Training with Reweighting [33.51820466479575]
  We show that adversarially trained models can suffer much worse performance on under-represented classes, when the training dataset is imbalanced. Traditional reweighting strategies may lose efficacy to deal with the imbalance issue for adversarial training. We propose Separable Reweighted Adversarial Training (SRAT) to facilitate adversarial training under imbalanced scenarios.
  arXiv  Detail & Related papers  (2021-07-28T20:51:36Z)
• On Information Asymmetry in Competitive Multi-Agent Reinforcement Learning: Convergence and Optimality [78.76529463321374]
  We study the system of interacting non-cooperative two Q-learning agents. We show that this information asymmetry can lead to a stable outcome of population learning.
  arXiv  Detail & Related papers  (2020-10-21T11:19:53Z)
• Efficient Competitive Self-Play Policy Optimization [20.023522000925094]
  We propose a new algorithmic framework for competitive self-play reinforcement learning in two-player zero-sum games. Our method trains several agents simultaneously, and intelligently takes each other as opponent based on simple adversarial rules. We prove theoretically that our algorithm converges to an approximate equilibrium with high probability in convex-concave games.
  arXiv  Detail & Related papers  (2020-09-13T21:01:38Z)
• Robust Reinforcement Learning using Adversarial Populations [118.73193330231163]
  Reinforcement Learning (RL) is an effective tool for controller design but can struggle with issues of robustness. We show that using a single adversary does not consistently yield robustness to dynamics variations under standard parametrizations of the adversary. We propose a population-based augmentation to the Robust RL formulation in which we randomly initialize a population of adversaries and sample from the population uniformly during training.
  arXiv  Detail & Related papers  (2020-08-04T20:57:32Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.