Optimism in the Face of Adversity: Understanding and Improving Deep Learning through Adversarial Robustness

TL;DR

This paper reviews adversarial robustness in deep learning, emphasizing its positive aspects, geometric insights, and broad applications, aiming to enhance understanding and improvement of deep neural networks.

Contribution

It offers a comprehensive, optimistic perspective on adversarial robustness, connecting geometric analysis to deep learning insights and exploring diverse applications beyond security.

Findings

Adversarial examples relate to neural network geometry

Geometric analysis aids understanding of deep learning

Adversarial robustness has broad, emerging applications

Abstract

Driven by massive amounts of data and important advances in computational resources, new deep learning systems have achieved outstanding results in a large spectrum of applications. Nevertheless, our current theoretical understanding on the mathematical foundations of deep learning lags far behind its empirical success. Towards solving the vulnerability of neural networks, however, the field of adversarial robustness has recently become one of the main sources of explanations of our deep models. In this article, we provide an in-depth review of the field of adversarial robustness in deep learning, and give a self-contained introduction to its main notions. But, in contrast to the mainstream pessimistic perspective of adversarial robustness, we focus on the main positive aspects that it entails. We highlight the intuitive connection between adversarial examples and the geometry of deep neural networks, and eventually explore how the geometric study of adversarial examples can serve as a powerful tool to understand deep learning. Furthermore, we demonstrate the broad applicability of adversarial robustness, providing an overview of the main emerging applications of adversarial robustness beyond security. The goal of this article is to provide readers with a set of new perspectives to understand deep learning, and to supply them with intuitive tools and insights on how to use adversarial robustness to improve it.