Generalizability of Adversarial Robustness Under Distribution Shifts

09/29/2022
by Kumail Alhamoud, et al.

Recent progress in empirical and certified robustness promises to deliver reliable and deployable Deep Neural Networks (DNNs). Despite that success, most existing evaluations of DNN robustness have been done on images sampled from the same distribution that the model was trained on. Yet, in the real world, DNNs may be deployed in dynamic environments that exhibit significant distribution shifts. In this work, we take a first step towards thoroughly investigating the interplay between empirical and certified adversarial robustness on one hand and domain generalization on another. To do so, we train robust models on multiple domains and evaluate their accuracy and robustness on an unseen domain. We observe that: (1) both empirical and certified robustness generalize to unseen domains, and (2) the level of generalizability does not correlate well with input visual similarity, measured by the FID between source and target domains. We also extend our study to cover a real-world medical application, in which adversarial augmentation enhances both the robustness and generalization accuracy in unseen domains.


