Robust DNN Surrogate Models with Uncertainty Quantification via Adversarial Training

TL;DR

This paper addresses the vulnerability of DNN surrogate models to input perturbations, demonstrating the issue's severity and proposing adversarial training methods to enhance robustness without losing accuracy.

Contribution

It introduces adversarial training techniques to improve the robustness of DNN surrogate models used in uncertainty quantification tasks.

Findings

Adversarial vulnerability significantly affects DNN surrogate accuracy.

Proposed adversarial training methods improve robustness.

Robust models maintain high emulation accuracy.

Abstract

For computational efficiency, surrogate models have been used to emulate mathematical simulators for physical or biological processes. High-speed simulation is crucial for conducting uncertainty quantification (UQ) when the simulation is repeated over many randomly sampled input points (aka, the Monte Carlo method). In some cases, UQ is only feasible with a surrogate model. Recently, Deep Neural Network (DNN) surrogate models have gained popularity for their hard-to-match emulation accuracy. However, it is well-known that DNN is prone to errors when input data are perturbed in particular ways, the very motivation for adversarial training. In the usage scenario of surrogate models, the concern is less of a deliberate attack but more of the high sensitivity of the DNN's accuracy to input directions, an issue largely ignored by researchers using emulation models. In this paper, we show the severity of this issue through empirical studies and hypothesis testing. Furthermore, we adopt methods in adversarial training to enhance the robustness of DNN surrogate models. Experiments demonstrate that our approaches significantly improve the robustness of the surrogate models without compromising emulation accuracy.