Adversarial Examples from Dimensional Invariance
This addresses the fundamental cause of adversarial examples for all ML models, potentially impacting security and robustness across the field.
The paper tackles the problem of adversarial examples in machine learning by showing they arise from approximate discontinuities in models that map between spaces of different dimensions, due to topological invariance of dimension, supported by theoretical and empirical results.
Adversarial examples have been found for various deep as well as shallow learning models, and have at various times been suggested to be either fixable model-specific bugs, or else inherent dataset feature, or both. We present theoretical and empirical results to show that adversarial examples are approximate discontinuities resulting from models that specify approximately bijective maps $f: \Bbb R^n \to \Bbb R^m; n \neq m$ over their inputs, and this discontinuity follows from the topological invariance of dimension.