File Download
There are no files associated with this item.
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Stratified Adversarial Robustness with Rejection
| Title | Stratified Adversarial Robustness with Rejection |
|---|---|
| Authors | |
| Issue Date | 2023 |
| Citation | Proceedings of Machine Learning Research, 2023, v. 202, p. 4462-4484 How to Cite? |
| Abstract | Recently, there is an emerging interest in adversarially training a classifier with a rejection option (also known as a selective classifier) for boosting adversarial robustness. While rejection can incur a cost in many applications, existing studies typically associate zero cost with rejecting perturbed inputs, which can result in the rejection of numerous slightly-perturbed inputs that could be correctly classified. In this work, we study adversarially-robust classification with rejection in the stratified rejection setting, where the rejection cost is modeled by rejection loss functions monotonically non-increasing in the perturbation magnitude. We theoretically analyze the stratified rejection setting and propose a novel defense method - Adversarial Training with Consistent Prediction-based Rejection (CPR) - for building a robust selective classifier. Experiments on image datasets demonstrate that the proposed method significantly outperforms existing methods under strong adaptive attacks. For instance, on CIFAR-10, CPR reduces the total robust loss (for different rejection losses) by at least 7.3% under both seen and unseen attacks. |
| Persistent Identifier | http://hdl.handle.net/10722/341427 |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Chen, Jiefeng | - |
| dc.contributor.author | Raghuram, Jayaram | - |
| dc.contributor.author | Choi, Jihye | - |
| dc.contributor.author | Wu, Xi | - |
| dc.contributor.author | Liang, Yingyu | - |
| dc.contributor.author | Jha, Somesh | - |
| dc.date.accessioned | 2024-03-13T08:42:44Z | - |
| dc.date.available | 2024-03-13T08:42:44Z | - |
| dc.date.issued | 2023 | - |
| dc.identifier.citation | Proceedings of Machine Learning Research, 2023, v. 202, p. 4462-4484 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/341427 | - |
| dc.description.abstract | Recently, there is an emerging interest in adversarially training a classifier with a rejection option (also known as a selective classifier) for boosting adversarial robustness. While rejection can incur a cost in many applications, existing studies typically associate zero cost with rejecting perturbed inputs, which can result in the rejection of numerous slightly-perturbed inputs that could be correctly classified. In this work, we study adversarially-robust classification with rejection in the stratified rejection setting, where the rejection cost is modeled by rejection loss functions monotonically non-increasing in the perturbation magnitude. We theoretically analyze the stratified rejection setting and propose a novel defense method - Adversarial Training with Consistent Prediction-based Rejection (CPR) - for building a robust selective classifier. Experiments on image datasets demonstrate that the proposed method significantly outperforms existing methods under strong adaptive attacks. For instance, on CIFAR-10, CPR reduces the total robust loss (for different rejection losses) by at least 7.3% under both seen and unseen attacks. | - |
| dc.language | eng | - |
| dc.relation.ispartof | Proceedings of Machine Learning Research | - |
| dc.title | Stratified Adversarial Robustness with Rejection | - |
| dc.type | Conference_Paper | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.scopus | eid_2-s2.0-85174419380 | - |
| dc.identifier.volume | 202 | - |
| dc.identifier.spage | 4462 | - |
| dc.identifier.epage | 4484 | - |
| dc.identifier.eissn | 2640-3498 | - |