Enhancing Adversarial Robustness with Conformal Prediction: A Framework for Guaranteed Model Reliability

TL;DR

This paper introduces a novel framework combining conformal prediction with adversarial training to improve the robustness and reliability of deep learning models against adversarial attacks, especially in safety-critical applications.

Contribution

It develops OPSA, an adversarial attack method targeting conformal prediction, and OPSA-AT, a new adversarial training strategy that enhances model robustness and uncertainty estimation.

Findings

OPSA induces greater uncertainty than baseline attacks.

OPSA-AT improves robustness against multiple adversarial attacks.

The integrated approach provides reliable predictions in high-risk scenarios.

Abstract

As deep learning models are increasingly deployed in high-risk applications, robust defenses against adversarial attacks and reliable performance guarantees become paramount. Moreover, accuracy alone does not provide sufficient assurance or reliable uncertainty estimates for these models. This study advances adversarial training by leveraging principles from Conformal Prediction. Specifically, we develop an adversarial attack method, termed OPSA (OPtimal Size Attack), designed to reduce the efficiency of conformal prediction at any significance level by maximizing model uncertainty without requiring coverage guarantees. Correspondingly, we introduce OPSA-AT (Adversarial Training), a defense strategy that integrates OPSA within a novel conformal training paradigm. Experimental evaluations demonstrate that our OPSA attack method induces greater uncertainty compared to baseline approaches for various defenses. Conversely, our OPSA-AT defensive model significantly enhances robustness not only against OPSA but also other adversarial attacks, and maintains reliable prediction. Our findings highlight the effectiveness of this integrated approach for developing trustworthy and resilient deep learning models for safety-critical domains. Our code is available at https://github.com/bjbbbb/Enhancing-Adversarial-Robustness-with-Conformal-Prediction.