Papers

Topics

Authors

Recent

View all

Detailed Answer

Quick Answer

Concise responses based on abstracts only

Detailed Answer

Well-researched responses based on abstracts and relevant paper content.

Custom Instructions Pro

Preferences or requirements that you'd like Emergent Mind to consider when generating responses

Gemini 2.5 Flash

Gemini 2.5 Flash 37 tok/s

Gemini 2.5 Pro 41 tok/s Pro

GPT-5 Medium 10 tok/s Pro

GPT-5 High 15 tok/s Pro

GPT-4o 84 tok/s Pro

Kimi K2 198 tok/s Pro

GPT OSS 120B 448 tok/s Pro

Claude Sonnet 4 31 tok/s Pro

2000 character limit reached

Why adversarial training can hurt robust accuracy (2203.02006v1)

Published 3 Mar 2022 in cs.LG, cs.CR, cs.CV, and stat.ML

Abstract: Machine learning classifiers with high test accuracy often perform poorly under adversarial attacks. It is commonly believed that adversarial training alleviates this issue. In this paper, we demonstrate that, surprisingly, the opposite may be true -- Even though adversarial training helps when enough data is available, it may hurt robust generalization in the small sample size regime. We first prove this phenomenon for a high-dimensional linear classification setting with noiseless observations. Our proof provides explanatory insights that may also transfer to feature learning models. Further, we observe in experiments on standard image datasets that the same behavior occurs for perceptible attacks that effectively reduce class information such as mask attacks and object corruptions.

Citations (16)

View on Semantic Scholar