TL;DR
This paper introduces MCAT, a novel adversarial training framework that enhances robustness on long-tailed datasets by enforcing semantic validity and balanced class separation in feature space.
Contribution
It proposes a unified manifold-constrained adversarial training method with theoretical guarantees and demonstrates improved robustness on long-tailed benchmarks.
Findings
Improved adversarial robustness on long-tailed datasets.
Theoretical link between geometric separation and robust margins.
Consistent performance gains across standard benchmarks.
Abstract
Adversarial training is effective on balanced datasets, but its robustness degrades under longtailed class distributions, where tail classes suffer high robust error and unstable decision boundaries. We propose Manifold-Constrained Adversarial Training (MCAT), a unified framework that enforces the semantic validity of adversarial examples by penalizing deviations from class-conditional manifolds in feature space, while promoting balanced geometric separation across classes via an ETF-inspired regularization. We provide theoretical results that link geometric separation to lower bounds on adversarially robust margins, and show that manifold-constrained adversarial risk upperbounds robust risk on high-density semantic regions. Extensive experiments on standard longtailed benchmarks demonstrate consistent improvements in overall, balanced, and tail-class adversarial robustness.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
