Regularization properties of adversarially-trained linear regression
–Neural Information Processing Systems
State-of-the-art machine learning models can be vulnerable to very small input perturbations that are adversarially constructed. Adversarial training is an effective approach to defend against it. Formulated as a min-max problem, it searches for the best solution when the training data were corrupted by the worst-case attacks. Linear models are among the simple models where vulnerabilities can be observed and are the focus of our study. In this case, adversarial training leads to a convex optimization problem which can be formulated as the minimization of a finite sum.
Neural Information Processing Systems
Jan-17-2025, 12:51:13 GMT
- Technology: