IoT Seminar | Regularization for Adversarial Robust Learning

9:00am - 10:00am
Online Only, Zoom ID: 942 0206 8071, Passcode: iott

Despite the growing prevalence of artificial neural networks in real-world applications, their vulnerability to adversarial attacks remains a significant concern, which motivates us to investigate the robustness of machine learning models. While various heuristics aim to optimize the distributionally robust risk using the Wasserstein metric, such a notion of robustness frequently encounters computational intractability. To tackle the computational challenge, we develop a novel approach to adversarial training that integrates phi-divergence regularization into the distributionally robust risk function. This regularization brings a notable improvement in computation compared with the original formulation. We develop stochastic gradient methods with biased oracles to solve this problem efficiently, achieving near-optimal sample complexity. Moreover, we establish its regularization effects and demonstrate its asymptotic equivalence to a regularized empirical risk minimization framework by considering various scaling regimes of the regularization parameter and robustness level. These regimes yield gradient norm regularization, variance regularization, or a smoothed gradient norm regularization that interpolates between these extremes. We numerically validate our proposed method in supervised learning, reinforcement learning, and contextual learning and showcase its state-of-the-art performance against various adversarial attacks.
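The abstract's "gradient norm regularization" regime is the one that can be checked with a few lines of code. The following NumPy example, added here and not the speaker's code or method, shows the classical version of that link for a linear logistic classifier: the exact worst-case loss over an l2 ball of input perturbations (a Wasserstein-type adversary with robustness level eps) agrees with ordinary empirical risk plus eps times the mean input-gradient norm up to a second-order term in eps. The data, weights and the tolerance used are all constructed for illustration; the variance-regularization and smoothed regimes from the talk are not covered.

```python
"""Added illustrative example (not from the seminar or the speaker):
worst-case l2 adversarial risk of a linear logistic model vs. the
gradient-norm-regularized empirical risk that approximates it to first order.
All data is constructed with a fixed random seed."""
import numpy as np


def logistic_loss(margin):
    # Numerically stable log(1 + exp(-margin)).
    return np.logaddexp(0.0, -margin)


def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))


def empirical_risk(w, X, y):
    """Plain ERM: mean logistic loss on the clean data."""
    return float(np.mean(logistic_loss(y * (X @ w))))


def adversarial_risk(w, X, y, eps):
    """Exact worst case of the logistic loss over ||delta||_2 <= eps per sample.

    The loss is decreasing in the margin y * w.(x + delta), so the adversary
    minimizes the margin with delta = -eps * y * w / ||w||, giving the
    worst-case margin y * w.x - eps * ||w||.  This closed form is specific to
    linear models; for neural networks the inner maximization is the hard part.
    """
    margins = y * (X @ w) - eps * np.linalg.norm(w)
    return float(np.mean(logistic_loss(margins)))


def gradient_norm_penalty(w, X, y):
    """Mean l2 norm of the input gradient of the per-sample loss.

    d/dx log(1 + exp(-y w.x)) = -y * sigmoid(-y w.x) * w,
    so the norm is sigmoid(-margin) * ||w||.
    """
    margins = y * (X @ w)
    return float(np.mean(sigmoid(-margins)) * np.linalg.norm(w))


def gradnorm_regularized_risk(w, X, y, eps):
    """First-order surrogate of the adversarial risk: ERM + eps * mean ||grad_x loss||_2."""
    return empirical_risk(w, X, y) + eps * gradient_norm_penalty(w, X, y)


def make_data(n=200, d=5, seed=0):
    """Constructed linearly separable-ish data with label noise (not real data)."""
    rng = np.random.default_rng(seed)
    X = rng.normal(size=(n, d))
    w_true = rng.normal(size=d)
    y = np.sign(X @ w_true + 0.3 * rng.normal(size=n))
    y[y == 0] = 1.0
    return X, y


def random_weights(d=5, seed=1):
    return np.random.default_rng(seed).normal(size=d)


def approximation_gap(eps, seed=0):
    """|exact adversarial risk - gradient-norm surrogate| for a random classifier.

    By convexity of the logistic loss the exact value is never below the
    surrogate, and the gap shrinks like eps**2 (second-order Taylor term).
    """
    X, y = make_data(seed=seed)
    w = random_weights(X.shape[1], seed=seed + 1)
    return adversarial_risk(w, X, y, eps) - gradnorm_regularized_risk(w, X, y, eps)


if __name__ == "__main__":
    for eps in (0.2, 0.1, 0.05, 0.025):
        print(f"eps={eps:<6} gap={approximation_gap(eps):.3e}")
```

Halving eps should roughly quarter the gap, which is the empirical signature of the two objectives differing only at second order; the talk's contribution is making an analogous equivalence computationally usable for non-linear models, where no closed form like `adversarial_risk` exists.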

Speaker / Performer:
WANG Jie
Georgia Institute of Technology

Jie Wang is a final-year Ph.D. candidate in the H. Milton Stewart School of Industrial and Systems Engineering at Georgia Institute of Technology. He received his bachelor's degree in Pure Mathematics from The Chinese University of Hong Kong, Shenzhen. His main research studies decision-making under uncertainty. His research has been published in several top journals and conferences such as Operations Research, Information and Inference: a Journal of the IMA, IEEE Journal on Selected Areas in Communications, IEEE Journal on Selected Areas in Information Theory, NeurIPS, and AISTATS. He has received several awards, such as Winner of the 2022 INFORMS Poster Competition, Winner of the Best Theoretical Paper in the 2023 INFORMS Workshop on DMDA, and runner-up in the 2024 INFORMS Computing Society Best Student Paper Award.

Language
English
Intended audience
Faculty and staff
Postgraduate students
Undergraduate students
Organizer
Internet of Things Thrust, HKUST(GZ)