AdvRush: Searching for Adversarially Robust Neural Architectures

Mok, Jisoo; Na, Byunggook; Choe, Hyeokjun; Yoon, Sungroh

doi:10.48550/arxiv.2108.01289

Cited by 2 publications

(5 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The non-differentiable methods adopt the robust accuracy of FGSM or PGD adversarial training as the evaluation, which is relatively time-consuming Guo et al (2020); Liu and Jin (2021b); Vargas et al (2019). Further, the differentiable methods take the Jacobian or Hessian matrix to measure the robustness of the models, resulting in the great acceleration of the search procedure Mok et al (2021); Hosseini et al (2021).…”

Section: Adversarial Defensementioning

confidence: 99%

“…Apart from the three above game-based robustness evaluation metrics, we also include the quantified metric such as the Frobenius (F ) norms of Jacobian matrix of the input data, which does not rely on adversarial noise generated by various adversarial attacks, resulting in an easy combination with differentiable neural architecture search methods Hosseini et al (2021); Mok et al (2021).…”

Section: Quantified Metricmentioning

confidence: 99%

“…where J denotes the Jacobian matrix of the output vector of 10 classifier with respect to input data, i represents the number of input sample. Similarly, the calculation of the F norms of Hessian matrix can be seen in Mok et al (2021).…”

Section: Quantified Metricmentioning

confidence: 99%

“…Hosseini et al Hosseini et al (2021) incorporate two robustness metrics, including Jacobian matrix and certified lower bound into partial channel connections for memory-efficient architecture search (PC-DARTS) Xu et al (2019). Similarly, Mok et al Mok et al (2021) use the Hessian matrix information of input data as the robustness evaluation to guide the process of DARTS Liu et al (2018).…”

Section: Introductionmentioning

confidence: 99%

“…The reason is that the metrics with adversarial training have been proved to bring overestimation of the robustness, resulting in the searched model by NAS not being robust enough. For example, the robust accuracy of five searched model architectures is presented in Fig 1, which can be obtained from the report of AdvRush Mok et al (2021). If the evaluation just considers the robust accuracy of FGSM or PGD, it could cause the misjudgment of robust architectures in NAS.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

$A^{3}D$: A Platform of Searching for Robust Neural Architectures and Efficient Adversarial Attacks

Sun¹,

Jiang²,

Li³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

Section: Adversarial Defensementioning

confidence: 99%

Section: Quantified Metricmentioning

confidence: 99%

Section: Quantified Metricmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

$A^{3}D$: A Platform of Searching for Robust Neural Architectures and Efficient Adversarial Attacks

Sun¹,

Jiang²,

Li³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

A.I. Robustness: a Human-Centered Perspective on Technological Challenges and Opportunities

Tocchetti,

Corti,

Balayn

et al. 2024

ACM Comput. Surv.

View full text Add to dashboard Cite

Despite the impressive performance of Artificial Intelligence (AI) systems, their robustness remains elusive and constitutes a key issue that impedes large-scale adoption. Besides, robustness is interpreted differently across domains and contexts of AI. In this work, we systematically survey recent progress to provide a reconciled terminology of concepts around AI robustness. We introduce three taxonomies to organize and describe the literature both from a fundamental and applied point of view: 1) methods and approaches that address robustness in different phases of the machine learning pipeline; 2) methods improving robustness in specific model architectures, tasks, and systems; and in addition, 3) methodologies and insights around evaluating the robustness of AI systems, particularly the trade-offs with other trustworthiness properties. Finally, we identify and discuss research gaps and opportunities and give an outlook on the field. We highlight the central role of humans in evaluating and enhancing AI robustness, considering the necessary knowledge they can provide, and discuss the need for better understanding practices and developing supportive tools in the future.

show abstract

AdvRush: Searching for Adversarially Robust Neural Architectures

Cited by 2 publications

References 40 publications

$A^{3}D$: A Platform of Searching for Robust Neural Architectures and Efficient Adversarial Attacks

$A^{3}D$: A Platform of Searching for Robust Neural Architectures and Efficient Adversarial Attacks

A.I. Robustness: a Human-Centered Perspective on Technological Challenges and Opportunities

Contact Info

Product

Resources

About