Bibliographic Details
Main Authors: Gupta, Srishti; Chen, Zhang; Demetrio, Luca; Feng, Xiaoyi; Xia, Zhaoqiang; Cinà, Antonio Emanuele; Pintor, Maura; Oneto, Luca; Demontis, Ambra; Biggio, Battista; Roli, Fabio
Format: Preprint
Published: 2024
Subjects:
Online Access: https://arxiv.org/abs/2406.10090
author Gupta, Srishti
Chen, Zhang
Demetrio, Luca
Feng, Xiaoyi
Xia, Zhaoqiang
Cinà, Antonio Emanuele
Pintor, Maura
Oneto, Luca
Demontis, Ambra
Biggio, Battista
Roli, Fabio
contents Thanks to their extensive capacity, over-parameterized neural networks exhibit superior predictive capabilities and generalization. However, having a large parameter space is considered one of the main suspects of the neural networks' vulnerability to adversarial examples -- input samples crafted ad hoc to induce a desired misclassification. The relevant literature has made contradictory claims both in support of and against the robustness of over-parameterized networks. These contradictory findings might be due to the failure of the attack employed to evaluate the networks' robustness. Previous research has demonstrated that, depending on the considered model, the algorithm employed to generate adversarial examples may not function properly, leading to overestimating the model's robustness. In this work, we empirically study the robustness of over-parameterized networks against adversarial examples. However, unlike previous works, we also evaluate the considered attack's reliability to support the results' veracity. Our results show that over-parameterized networks are robust against adversarial attacks, as opposed to their under-parameterized counterparts.
format Preprint
id arxiv_https___arxiv_org_abs_2406_10090
institution arXiv
publishDate 2024
record_format arxiv
title Over-parameterization and Adversarial Robustness in Neural Networks: An Overview and Empirical Analysis
topic Machine Learning
68T10
I.5
url https://arxiv.org/abs/2406.10090