Spectral regularization for adversarially-robust representation learning
Sheng Yang, Jacob A. Zavatone-Veth, Cengiz Pehlevan

TL;DR
This paper introduces a spectral regularizer designed to enhance adversarial robustness in neural network representations. It is especially effective in self-supervised and transfer learning scenarios and outperforms previous methods.
Contribution
The paper proposes a novel spectral regularizer that specifically targets feature representations to improve adversarial robustness, particularly in self-supervised and transfer learning contexts.
Findings
Spectral regularization improves test accuracy and robustness in supervised learning.
The method enhances adversarial robustness of self-supervised and transferred representations.
It reveals how representational structure influences adversarial robustness.
Abstract
The vulnerability of neural network classifiers to adversarial attacks is a major obstacle to their deployment in safety-critical applications. Regularization of network parameters during training can be used to improve adversarial robustness and generalization performance. Usually, the network is regularized end-to-end, with parameters at all layers affected by regularization. However, in settings where learning representations is key, such as self-supervised learning (SSL), layers after the feature representation will be discarded when performing inference. For these models, regularizing up to the feature space is more suitable. To this end, we propose a new spectral regularizer for representation learning that encourages black-box adversarial robustness in downstream classification tasks. In supervised classification settings, we show empirically that this method is more effective in…
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Geophysical Methods and Applications · Anomaly Detection Techniques and Applications
