Generalized but not Robust? Comparing the Effects of Data Modification Methods on Out-of-Domain Generalization and Adversarial Robustness

TL;DR

This paper empirically investigates how various data modification strategies affect out-of-domain generalization and adversarial robustness across NLP and computer vision tasks, revealing that more data generally improves both, while data filtering can be detrimental.

Contribution

It provides a comprehensive empirical analysis of data modification methods, highlighting their impacts on OOD performance and adversarial robustness, and visualizes these effects on synthetic data.

Findings

More data improves OOD accuracy and adversarial robustness.

Data filtering can harm OOD accuracy on certain tasks.

Synthetic visualization clarifies effects of data modifications.

Abstract

Data modification, either via additional training datasets, data augmentation, debiasing, and dataset filtering, has been proposed as an effective solution for generalizing to out-of-domain (OOD) inputs, in both natural language processing and computer vision literature. However, the effect of data modification on adversarial robustness remains unclear. In this work, we conduct a comprehensive study of common data modification strategies and evaluate not only their in-domain and OOD performance, but also their adversarial robustness (AR). We also present results on a two-dimensional synthetic dataset to visualize the effect of each method on the training distribution. This work serves as an empirical study towards understanding the relationship between generalizing to unseen domains and defending against adversarial perturbations. Our findings suggest that more data (either via additional datasets or data augmentation) benefits both OOD accuracy and AR. However, data filtering (previously shown to improve OOD accuracy on natural language inference) hurts OOD accuracy on other tasks such as question answering and image classification. We provide insights from our experiments to inform future work in this direction.