Improving robustness of jet tagging algorithms with adversarial training: exploring the loss surface
This work addresses robustness for high-energy physics analysts, but it is incremental as it applies existing adversarial training methods to a specific domain.
The paper tackled the problem of improving robustness in jet flavor tagging algorithms against adversarial attacks, which model systematic uncertainties, by using adversarial training and exploring the loss surface for geometric interpretations, resulting in maintained high performance.
In the field of high-energy physics, deep learning algorithms continue to gain in relevance and provide performance improvements over traditional methods, for example when identifying rare signals or finding complex patterns. From an analyst's perspective, obtaining highest possible performance is desirable, but recently, some attention has been shifted towards studying robustness of models to investigate how well these perform under slight distortions of input features. Especially for tasks that involve many (low-level) inputs, the application of deep neural networks brings new challenges. In the context of jet flavor tagging, adversarial attacks are used to probe a typical classifier's vulnerability and can be understood as a model for systematic uncertainties. A corresponding defense strategy, adversarial training, improves robustness, while maintaining high performance. Investigating the loss surface corresponding to the inputs and models in question reveals geometric interpretations of robustness, taking correlations into account.