Adversarial Examples as an Input-Fault Tolerance Problem
This work addresses the robustness of machine learning models to adversarial attacks, but it appears incremental as it shifts the focus from existing threat models to a new evaluation framework without claiming major performance gains.
The paper tackles the adversarial examples problem by reframing it as an input-fault tolerance issue, proposing an information-based characteristic to evaluate tolerance to diverse input faults instead of relying on strict threat models like ε-perturbations.
We analyze the adversarial examples problem in terms of a model's fault tolerance with respect to its input. Whereas previous work focuses on arbitrarily strict threat models, i.e., $ε$-perturbations, we consider arbitrary valid inputs and propose an information-based characteristic for evaluating tolerance to diverse input faults.