Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations

Yu Lin Tsai; Chia Yi Hsu; Chia Mu Yu; Pin Yu Chen

Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations

Yu Lin Tsai^*, Chia Yi Hsu, Chia Mu Yu, Pin Yu Chen

^*此作品的通信作者

資訊管理與財務金融學系

研究成果: Conference contribution › 同行評審

18 引文斯高帕斯（Scopus）

摘要

Studying the sensitivity of weight perturbation in neural networks and its impacts on model performance, including generalization and robustness, is an active research topic due to its implications on a wide range of machine learning tasks such as model compression, generalization gap assessment, and adversarial attacks. In this paper, we provide the first integral study and analysis for feed-forward neural networks in terms of the robustness in pairwise class margin and its generalization behavior under weight perturbation. We further design a new theory-driven loss function for training generalizable and robust neural networks against weight perturbations. Empirical experiments are conducted to validate our theoretical analysis. Our results offer fundamental insights for characterizing the generalization and robustness of neural networks against weight perturbations.

原文	English
主出版物標題	Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021
編輯	Marc'Aurelio Ranzato, Alina Beygelzimer, Yann Dauphin, Percy S. Liang, Jenn Wortman Vaughan
發行者	Neural information processing systems foundation
頁面	19692-19704
頁數	13
ISBN（電子）	9781713845393
出版狀態	Published - 2021
事件	35th Conference on Neural Information Processing Systems, NeurIPS 2021 - Virtual, Online 持續時間: 6 12月 2021 → 14 12月 2021

出版系列

名字	Advances in Neural Information Processing Systems
卷	24
ISSN（列印）	1049-5258

Conference

Conference	35th Conference on Neural Information Processing Systems, NeurIPS 2021
城市	Virtual, Online
期間	6/12/21 → 14/12/21

其它文件與鏈接

Link to publication in Scopus

引用此

Tsai, Y. L., Hsu, C. Y., Yu, C. M., & Chen, P. Y. (2021). Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations. 於 MA. Ranzato, A. Beygelzimer, Y. Dauphin, P. S. Liang, & J. Wortman Vaughan (編輯), Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021 (頁 19692-19704). (Advances in Neural Information Processing Systems; 卷 24). Neural information processing systems foundation.

Tsai, Yu Lin ; Hsu, Chia Yi ; Yu, Chia Mu 等. / Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations. Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021. 編輯 / Marc'Aurelio Ranzato ; Alina Beygelzimer ; Yann Dauphin ; Percy S. Liang ; Jenn Wortman Vaughan. Neural information processing systems foundation, 2021. 頁 19692-19704 (Advances in Neural Information Processing Systems).

@inproceedings{ac5762b6d61b4439bf273ebd5df3bc14,

title = "Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations",

abstract = "Studying the sensitivity of weight perturbation in neural networks and its impacts on model performance, including generalization and robustness, is an active research topic due to its implications on a wide range of machine learning tasks such as model compression, generalization gap assessment, and adversarial attacks. In this paper, we provide the first integral study and analysis for feed-forward neural networks in terms of the robustness in pairwise class margin and its generalization behavior under weight perturbation. We further design a new theory-driven loss function for training generalizable and robust neural networks against weight perturbations. Empirical experiments are conducted to validate our theoretical analysis. Our results offer fundamental insights for characterizing the generalization and robustness of neural networks against weight perturbations.",

author = "Tsai, {Yu Lin} and Hsu, {Chia Yi} and Yu, {Chia Mu} and Chen, {Pin Yu}",

note = "Publisher Copyright: {\textcopyright} 2021 Neural information processing systems foundation. All rights reserved.; 35th Conference on Neural Information Processing Systems, NeurIPS 2021 ; Conference date: 06-12-2021 Through 14-12-2021",

year = "2021",

language = "English",

series = "Advances in Neural Information Processing Systems",

publisher = "Neural information processing systems foundation",

pages = "19692--19704",

editor = "Marc'Aurelio Ranzato and Alina Beygelzimer and Yann Dauphin and Liang, {Percy S.} and {Wortman Vaughan}, Jenn",

booktitle = "Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021",

}

Tsai, YL, Hsu, CY, Yu, CM & Chen, PY 2021, Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations. 於 MA Ranzato, A Beygelzimer, Y Dauphin, PS Liang & J Wortman Vaughan (編輯), Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021. Advances in Neural Information Processing Systems, 卷 24, Neural information processing systems foundation, 頁 19692-19704, 35th Conference on Neural Information Processing Systems, NeurIPS 2021, Virtual, Online, 6/12/21.

Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations. / Tsai, Yu Lin; Hsu, Chia Yi; Yu, Chia Mu 等.
Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021. 編輯 / Marc'Aurelio Ranzato; Alina Beygelzimer; Yann Dauphin; Percy S. Liang; Jenn Wortman Vaughan. Neural information processing systems foundation, 2021. p. 19692-19704 (Advances in Neural Information Processing Systems; 卷 24).

研究成果: Conference contribution › 同行評審

TY - GEN

T1 - Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations

AU - Tsai, Yu Lin

AU - Hsu, Chia Yi

AU - Yu, Chia Mu

AU - Chen, Pin Yu

PY - 2021

Y1 - 2021

N2 - Studying the sensitivity of weight perturbation in neural networks and its impacts on model performance, including generalization and robustness, is an active research topic due to its implications on a wide range of machine learning tasks such as model compression, generalization gap assessment, and adversarial attacks. In this paper, we provide the first integral study and analysis for feed-forward neural networks in terms of the robustness in pairwise class margin and its generalization behavior under weight perturbation. We further design a new theory-driven loss function for training generalizable and robust neural networks against weight perturbations. Empirical experiments are conducted to validate our theoretical analysis. Our results offer fundamental insights for characterizing the generalization and robustness of neural networks against weight perturbations.

AB - Studying the sensitivity of weight perturbation in neural networks and its impacts on model performance, including generalization and robustness, is an active research topic due to its implications on a wide range of machine learning tasks such as model compression, generalization gap assessment, and adversarial attacks. In this paper, we provide the first integral study and analysis for feed-forward neural networks in terms of the robustness in pairwise class margin and its generalization behavior under weight perturbation. We further design a new theory-driven loss function for training generalizable and robust neural networks against weight perturbations. Empirical experiments are conducted to validate our theoretical analysis. Our results offer fundamental insights for characterizing the generalization and robustness of neural networks against weight perturbations.

UR - http://www.scopus.com/inward/record.url?scp=85129063028&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:85129063028

T3 - Advances in Neural Information Processing Systems

SP - 19692

EP - 19704

BT - Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021

A2 - Ranzato, Marc'Aurelio

A2 - Beygelzimer, Alina

A2 - Dauphin, Yann

A2 - Liang, Percy S.

A2 - Wortman Vaughan, Jenn

PB - Neural information processing systems foundation

T2 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021

Y2 - 6 December 2021 through 14 December 2021

ER -

Tsai YL, Hsu CY, Yu CM, Chen PY. Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations. 於 Ranzato MA, Beygelzimer A, Dauphin Y, Liang PS, Wortman Vaughan J, 編輯, Advances in Neural Information Processing Systems 34 - 35th Conference on Neural Information Processing Systems, NeurIPS 2021. Neural information processing systems foundation. 2021. p. 19692-19704. (Advances in Neural Information Processing Systems).

Formalizing Generalization and Adversarial Robustness of Neural Networks to Weight Perturbations

摘要

出版系列

Conference

其它文件與鏈接

指紋

引用此