Omnipotent Adversarial Training in the Wild
Guanlin Li, Kangjie Chen, Yuan Xu, Han Qiu, Tianwei Zhang
TL;DR
This paper introduces Omnipotent Adversarial Training (OAT), a novel approach that improves both clean accuracy and adversarial robustness in imbalanced and noisy datasets by using an oracle and logits adjustment.
Contribution
The paper proposes a new adversarial training strategy with an oracle and logits adjustment to handle real-world data imperfections, enhancing robustness and accuracy.
Findings
OAT outperforms baselines by over 20% in clean accuracy.
OAT achieves more than 10% improvement in robust accuracy.
Effective in complex data imbalance and noise scenarios.
Abstract
Adversarial training is an important topic in robust deep learning, but the community lacks attention to its practical usage. In this paper, we aim to resolve a real-world challenge, i.e., training a model on an imbalanced and noisy dataset to achieve high clean accuracy and adversarial robustness, with our proposed Omnipotent Adversarial Training (OAT) strategy. OAT consists of two innovative methodologies to address the imperfection in the training set. We first introduce an oracle into the adversarial training process to help the model learn a correct data-label conditional distribution. This carefully-designed oracle can provide correct label annotations for adversarial training. We further propose logits adjustment adversarial training to overcome the data imbalance issue, which can help the model learn a Bayes-optimal distribution. Our comprehensive evaluation results show that…
Peer Reviews
Decision·ICLR 2024 Conference Withdrawn Submission
The problems of label noise, sample imbalance, and adversarial sample are simultaneously considered in training a model.
Sample labeling noise, sample imbalance, and adversarial sample are problems that have been studied separately, and a number of related methods have been proposed. The proposed method in this draft is a simple combination of existing techniques. The sample label correction, data re-sampling, contrastive learning, and adversarial training included in the proposed method are conventional methods. Overall, not much technological innovation has been seen in this manuscript.
Strength: 1. This paper explores a new setting for adversarial training where training data could be contaminated with noise and imbalanced.
Weakness: 1. The proposed method does not unify adversarial training with learning from noisy and long-tailed data. These two parts are seemly optimized separately. 2. The techniques introduced for learning from noisy and long-tailed data are not new. Re-sampling is a well-known method for learning from imbalanced data. Label refurbishment is also widely adopted in self-training. Contrastive training is also quite matured. The technical contribution is thus very limited. 3. The evaluation of
+ This paper is the first trial to achieve better clean and robust accuracy for adversarial training under the noisy and imbalanced conditions. + Multiple techniques are efficiently combined for better adversarial training and the key components in this work are all reasonable. + The effectiveness of the proposed method is clearly shown with CIFAR-10 and 100 by significantly outperforming the baseline methods in terms of both clean accuracy and robust accuracy.
1. I am afraid the technical novelty is relatively weak. - Data-resampling (over-sampling, sub-sampling, SMOTE, etc) can be found in many papers. - The label refurbishment and dataset split using k-NN seems essentially the same as in the following paper. If not, the authors should clarify the novelty more clearly. [a] Dara Bahri, Heinrich Jiang, and Maya Gupta. Deep k-nn for noisy labels, Proceedings of Machine Learning Research, 2020. [b] Chen Feng, Georgios Tzimiropoulos, Ioannis Patras. SSR:
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAnomaly Detection Techniques and Applications · Machine Learning and Data Classification · Adversarial Robustness in Machine Learning