Adversarial Attacks, Regression, and Numerical Stability Regularization
Andre T. Nguyen, Edward Raff

TL;DR
This paper investigates adversarial attacks on regression neural networks, proposing a regularization-based defense that enhances numerical stability and outperforms previous methods.
Contribution
It introduces a novel regularization technique to defend against adversarial attacks in regression, focusing on improving numerical stability of learned functions.
Findings
The proposed regularization outperforms prior defenses.
The method improves numerical stability of regression models.
Adversarial attacks are linked to numerical instability.
Abstract
Adversarial attacks against neural networks in a regression setting are a critical yet understudied problem. In this work, we advance the state of the art by investigating adversarial attacks against regression networks and by formulating a more effective defense against these attacks. In particular, we take the perspective that adversarial attacks are likely caused by numerical instability in learned functions. We introduce a stability inducing, regularization based defense against adversarial attacks in the regression setting. Our new and easy to implement defense is shown to outperform prior approaches and to improve the numerical stability of learned functions.
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Model Reduction and Neural Networks
