A Geometric Probe of the Accuracy-Robustness Trade-off: Sharp Boundaries in Symmetry-Breaking Dimensional Expansion

TL;DR

This paper investigates the geometric reasons behind the accuracy-robustness trade-off in deep learning using Symmetry-Breaking Dimensional Expansion, revealing that sharp boundaries along auxiliary dimensions improve accuracy but reduce robustness.

Contribution

It introduces SBDE as a controlled probe to analyze the trade-off and demonstrates how sharp boundaries along auxiliary axes cause fragility against adversarial attacks.

Findings

SBDE improves clean accuracy by reducing parameter degeneracy.

Accuracy gains are linked to steep loss gradients along auxiliary axes.

Test-time mask projection restores robustness by neutralizing vulnerabilities.

Abstract

The trade-off between clean accuracy and adversarial robustness is a pervasive phenomenon in deep learning, yet its geometric origin remains elusive. In this work, we utilize Symmetry-Breaking Dimensional Expansion (SBDE) as a controlled probe to investigate the mechanism underlying this trade-off. SBDE expands input images by inserting constant-valued pixels, which breaks translational symmetry and consistently improves clean accuracy (e.g., from $90.47\%$ to $95.63\%$ on CIFAR-10 with ResNet-18) by reducing parameter degeneracy. However, this accuracy gain comes at the cost of reduced robustness against iterative white-box attacks. By employing a test-time \emph{mask projection} that resets the inserted auxiliary pixels to their training values, we demonstrate that the vulnerability stems almost entirely from the inserted dimensions. The projection effectively neutralizes the attacks and restores robustness, revealing that the model achieves high accuracy by creating \emph{sharp boundaries} (steep loss gradients) specifically along the auxiliary axes. Our findings provide a concrete geometric explanation for the accuracy-robustness paradox: the optimization landscape deepens the basin of attraction to improve accuracy but inevitably erects steep walls along the auxiliary degrees of freedom, creating a fragile sensitivity to off-manifold perturbations.