Robust Learning with Jacobian Regularization

Judy Hoffman; Daniel A. Roberts; Sho Yaida

arXiv:1908.02729·stat.ML·August 8, 2019·41 cites

Robust Learning with Jacobian Regularization

Judy Hoffman, Daniel A. Roberts, Sho Yaida

PDF

Open Access 3 Repos

TL;DR

This paper introduces a Jacobian regularization technique that enhances neural network robustness against input perturbations, including adversarial attacks, while maintaining good generalization on clean data.

Contribution

It develops an efficient Jacobian regularization method that increases classification margins and improves robustness without sacrificing accuracy on unperturbed data.

Findings

01

Significant robustness improvements against adversarial attacks.

02

Enhanced classification margins through Jacobian regularization.

03

Maintained generalization performance on clean data.

Abstract

Design of reliable systems must guarantee stability against input perturbations. In machine learning, such guarantee entails preventing overfitting and ensuring robustness of models against corruption of input data. In order to maximize stability, we analyze and develop a computationally efficient implementation of Jacobian regularization that increases classification margins of neural networks. The stabilizing effect of the Jacobian regularizer leads to significant improvements in robustness, as measured against both random and adversarial input perturbations, without severely degrading generalization properties on clean data.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Code & Models

Repositories

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdversarial Robustness in Machine Learning · Domain Adaptation and Few-Shot Learning · Machine Learning and Algorithms