On adversarial robustness and the use of Wasserstein ascent-descent dynamics to enforce it
This work addresses adversarial robustness for machine learning models, presenting a novel method that is incremental in nature.
The authors tackled adversarial robustness in supervised learning by proposing iterative algorithms based on Wasserstein ascent-descent dynamics, which converge to approximate Nash equilibria in nonconvex settings, with numerical experiments validating the results.
We propose iterative algorithms to solve adversarial problems in a variety of supervised learning settings of interest. Our algorithms, which can be interpreted as suitable ascent-descent dynamics in Wasserstein spaces, take the form of a system of interacting particles. These interacting particle dynamics are shown to converge toward appropriate mean-field limit equations in certain large number of particles regimes. In turn, we prove that, under certain regularity assumptions, these mean-field equations converge, in the large time limit, toward approximate Nash equilibria of the original adversarial learning problems. We present results for nonconvex-nonconcave settings, as well as for nonconvex-concave ones. Numerical experiments illustrate our results.