On adversarial robustness and the use of Wasserstein ascent-descent dynamics to enforce it

TL;DR

This paper introduces iterative Wasserstein ascent-descent algorithms for adversarial learning, demonstrating convergence to approximate Nash equilibria in complex nonconvex settings through particle dynamics and mean-field analysis.

Contribution

It develops novel Wasserstein-based ascent-descent algorithms with convergence guarantees for adversarial problems in nonconvex and nonconcave scenarios.

Findings

Algorithms converge to approximate Nash equilibria

Particle dynamics approximate mean-field limits

Numerical experiments validate theoretical results

Abstract

We propose iterative algorithms to solve adversarial problems in a variety of supervised learning settings of interest. Our algorithms, which can be interpreted as suitable ascent-descent dynamics in Wasserstein spaces, take the form of a system of interacting particles. These interacting particle dynamics are shown to converge toward appropriate mean-field limit equations in certain large number of particles regimes. In turn, we prove that, under certain regularity assumptions, these mean-field equations converge, in the large time limit, toward approximate Nash equilibria of the original adversarial learning problems. We present results for nonconvex-nonconcave settings, as well as for nonconvex-concave ones. Numerical experiments illustrate our results.