Bibliographic Details
Main authors: Hou, Zhichao; Torkamani, MohamadAli; Krim, Hamid; Liu, Xiaorui
Format: Preprint
Published: 2024
Subjects:
Online access: https://arxiv.org/abs/2410.04577
_version_ 1866912061912514560
author Hou, Zhichao
Torkamani, MohamadAli
Krim, Hamid
Liu, Xiaorui
contents This work tackles an intriguing and fundamental open challenge in representation learning: Given a well-trained deep learning model, can it be reprogrammed to enhance its robustness against adversarial or noisy input perturbations without altering its parameters? To explore this, we revisit the core feature transformation mechanism in representation learning and propose a novel non-linear robust pattern matching technique as a robust alternative. Furthermore, we introduce three model reprogramming paradigms to offer flexible control of robustness under different efficiency requirements. Comprehensive experiments and ablation studies across diverse learning models ranging from basic linear model and MLPs to shallow and modern deep ConvNets demonstrate the effectiveness of our approaches. This work not only opens a promising and orthogonal direction for improving adversarial defenses in deep learning beyond existing methods but also provides new insights into designing more resilient AI systems with robust statistics.
format Preprint
id arxiv_https___arxiv_org_abs_2410_04577
institution arXiv
publishDate 2024
record_format arxiv
title Robustness Reprogramming for Representation Learning
topic Machine Learning
url https://arxiv.org/abs/2410.04577