Robustness

Wide two-layer neural networks can generalize well from mislabeled adversarial examples because adversarial perturbations surprisingly contain sufficient class-specific features.

Self-attention, a key component of transformers, is revealed to be a projection of query vectors onto the principal components of the key matrix, derived from kernel PCA. This novel perspective leads…

PamaCF, a novel personalized adversarial collaborative filtering technique, significantly improves recommendation robustness and accuracy against poisoning attacks by dynamically adjusting perturbatio…

This paper optimizes randomized smoothing, a crucial certified defense against adversarial attacks, by introducing novel statistical methods that drastically reduce the computational cost, leading to …

Challenging common assumptions, researchers prove that flatter adversarial examples don’t guarantee better transferability and introduce TPA, a theoretically-grounded attack creating more transferable…

Optimization’s implicit bias in robust machine learning hurts generalization; this work reveals how algorithm/architecture choices impact robustness, suggesting better optimization strategies are need…

Deep learning models’ success hinges on understanding gradient descent’s implicit bias. This study reveals how this bias influences layer collaboration, revealing a decreasing trend in adversarial rob…

SuperDeepFool: a fast, accurate algorithm generating minimal adversarial perturbations, significantly improving deep learning model robustness evaluation and adversarial training.

Researchers can now reliably benchmark classifiers using multiple quality metrics via the GSD-front, a new information-efficient technique that accounts for statistical uncertainty and deviations from…

This paper provides novel theoretical guarantees for adversarial training of shallow neural networks, improving generalization bounds via early stopping and Moreau’s envelope smoothing.

Score-based generative models are provably robust to multiple error sources, as shown via a novel Wasserstein uncertainty propagation theorem.

This paper presents a computationally efficient algorithm for robustly learning Gaussian single-index models under adversarial label noise, achieving near-optimal sample complexity.

New algorithms achieve near-optimal error rates for sparse linear regression, even under adversarial data corruption and heavy-tailed noise distributions.

R-NeuralUCB: A robust neural contextual bandit algorithm uses a context-aware gradient descent training to defend against adversarial reward corruptions, achieving better performance with theoretical …

Outlier-robust mixture learning gets order-optimal error guarantees, even when outliers massively outnumber small groups, via a novel meta-algorithm leveraging mixture structure.

RUNG: a novel GNN architecture boasting superior robustness against adaptive attacks by employing an unbiased aggregation technique.

Robust Gaussian Processes via Relevance Pursuit tackles noisy data by cleverly inferring data-point specific noise levels, leading to more accurate predictions.

Selective Projection Decay (SPD) enhances robust fine-tuning of foundation models by selectively applying weight decay, improving generalization and out-of-distribution robustness.

RABBit: A novel Branch-and-Bound verifier for precise relational verification of Deep Neural Networks, achieving substantial precision gains over current state-of-the-art baselines.

PREPARED efficiently edits DNNs to provably satisfy properties by relaxing the problem to a linear program, minimizing parameter changes.