Papers

Topics

Authors

Recent

View all

Detailed Answer

Quick Answer

Concise responses based on abstracts only

Detailed Answer

Well-researched responses based on abstracts and relevant paper content.

Custom Instructions Pro

Preferences or requirements that you'd like Emergent Mind to consider when generating responses

Gemini 2.5 Flash

Gemini 2.5 Flash 37 tok/s

Gemini 2.5 Pro 41 tok/s Pro

GPT-5 Medium 10 tok/s Pro

GPT-5 High 15 tok/s Pro

GPT-4o 84 tok/s Pro

Kimi K2 198 tok/s Pro

GPT OSS 120B 448 tok/s Pro

Claude Sonnet 4 31 tok/s Pro

2000 character limit reached

Adversarial Examples Exist in Two-Layer ReLU Networks for Low Dimensional Linear Subspaces (2303.00783v2)

Published 1 Mar 2023 in cs.LG, cs.CR, cs.NE, and stat.ML

Abstract: Despite a great deal of research, it is still not well-understood why trained neural networks are highly vulnerable to adversarial examples. In this work we focus on two-layer neural networks trained using data which lie on a low dimensional linear subspace. We show that standard gradient methods lead to non-robust neural networks, namely, networks which have large gradients in directions orthogonal to the data subspace, and are susceptible to small adversarial $L_2$-perturbations in these directions. Moreover, we show that decreasing the initialization scale of the training algorithm, or adding $L_2$ regularization, can make the trained network more robust to adversarial perturbations orthogonal to the data.

Citations (1)

View on Semantic Scholar