Adversarial Coreset Selection for Efficient Robust Training
Hadi M. Dolatabadi, Sarah Erfani, Christopher Leckie
TL;DR
This paper introduces a coreset selection method to accelerate adversarial training of neural networks, reducing training time by 2-3 times with minimal accuracy loss, applicable to various training objectives.
Contribution
It provides a theoretically grounded coreset selection approach for efficient adversarial training, with convergence guarantees and broad applicability.
Findings
Speeds up adversarial training by 2-3 times
Maintains comparable clean and robust accuracy
Applicable to multiple adversarial training objectives
Abstract
Neural networks are vulnerable to adversarial attacks: adding well-crafted, imperceptible perturbations to their input can modify their output. Adversarial training is one of the most effective approaches to training robust models against such attacks. Unfortunately, this method is much slower than vanilla training of neural networks since it needs to construct adversarial examples for the entire training data at every iteration. By leveraging the theory of coreset selection, we show how selecting a small subset of training data provides a principled approach to reducing the time complexity of robust training. To this end, we first provide convergence guarantees for adversarial coreset selection. In particular, we show that the convergence bound is directly related to how well our coresets can approximate the gradient computed over the entire training data. Motivated by our theoretical…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Advanced Neural Network Applications · COVID-19 diagnosis using AI
MethodsCoresets