论文标题
二进制分类中的对抗性替代风险的存在和最小值定理
Existence and Minimax Theorems for Adversarial Surrogate Risks in Binary Classification
论文作者
论文摘要
对抗性训练是对对抗性攻击的训练方法最流行的方法之一,但是,从理论的角度来看,这并不是很好地理解。我们证明并存在对抗替代风险的生存,规律性和最小值定理。我们的结果解释了对先前工作的对抗鲁棒性的一些经验观察,并提出了算法开发中的新方向。此外,我们的结果扩展了以前已知的存在和对替代风险的对抗性分类风险的最小化定理。
Adversarial training is one of the most popular methods for training methods robust to adversarial attacks, however, it is not well-understood from a theoretical perspective. We prove and existence, regularity, and minimax theorems for adversarial surrogate risks. Our results explain some empirical observations on adversarial robustness from prior work and suggest new directions in algorithm development. Furthermore, our results extend previously known existence and minimax theorems for the adversarial classification risk to surrogate risks.
