Categories: LG, CV · Mar 15, 2024

Towards Adversarially Robust Dataset Distillation by Curvature Regularization

arXiv:2403.10045v4 · 25 citations · h-index: 7 · Has Code · AAAI
AI Analysis

This work addresses the need for robust dataset distillation to enhance model security in machine learning applications, representing a novel perspective in the field.

The paper tackles the problem of embedding adversarial robustness into distilled datasets, enabling models trained on them to maintain high accuracy while acquiring better robustness against adversarial attacks, with results showing it outperforms standard adversarial training in both accuracy and robustness with less computational overhead.

Dataset distillation (DD) allows datasets to be distilled to fractions of their original size while preserving the rich distributional information, so that models trained on the distilled datasets can achieve comparable accuracy while saving significant computation. Recent research in this area has focused on improving the accuracy of models trained on distilled datasets. In this paper, we aim to explore a new perspective of DD. We study how to embed adversarial robustness in distilled datasets, so that models trained on these datasets maintain the high accuracy and meanwhile acquire better adversarial robustness. We propose a new method that achieves this goal by incorporating curvature regularization into the distillation process with much less computational overhead than standard adversarial training. Extensive empirical experiments suggest that our method not only outperforms standard adversarial training on both accuracy and robustness with less computational overhead but is also capable of generating robust distilled datasets that can withstand various adversarial attacks. Our implementation is available at: https://github.com/yumozi/GUARD.
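The abstract contrasts a curvature regulariser with standard adversarial training on cost. The example below, added here and not taken from the paper or the GUARD repository, shows what a curvature penalty on the input-space loss looks like and why it is cheaper than a PGD-style adversarial-training step. It assumes the CURE-style finite-difference estimator ||∇L(x + h·z) − ∇L(x)||² / h² along the normalised gradient direction z (Moosavi-Dezfooli et al., 2019), not the paper's own variant, and uses a two-input logistic-regression model so that every gradient is available in closed form and nothing outside the Python standard library is needed. The model weights, inputs, step counts and step sizes are constructed sample values.

```python
"""
Added illustration (not the paper's code): curvature regularisation of the
input-space loss, estimated by finite differences of the input gradient,
next to the gradient-evaluation cost of a PGD-style adversarial-training step.

Model: 2-D logistic regression, chosen so every gradient has a closed form
and the example runs with the standard library only.
"""
import math


def sigmoid(t):
    return 1.0 / (1.0 + math.exp(-t))


def loss_and_input_grad(w, b, x, y, counter):
    """Binary cross-entropy loss and its gradient w.r.t. the input x.
    `counter` (a one-element list) tallies gradient evaluations so the
    cost of the two training schemes can be compared."""
    counter[0] += 1
    p = sigmoid(w[0] * x[0] + w[1] * x[1] + b)
    eps = 1e-12
    loss = -(y * math.log(p + eps) + (1 - y) * math.log(1 - p + eps))
    grad = [(p - y) * w[0], (p - y) * w[1]]   # d loss / d x
    return loss, grad


def curvature_penalty(w, b, x, y, h=1e-3, counter=None):
    """CURE-style estimate (assumption, not the paper's formula):
    ||grad(x + h*z) - grad(x)||^2 / h^2 with z = grad / ||grad||.
    Costs exactly two input-gradient evaluations per example."""
    counter = counter if counter is not None else [0]
    _, g = loss_and_input_grad(w, b, x, y, counter)
    norm = math.sqrt(g[0] ** 2 + g[1] ** 2)
    if norm == 0.0:                     # flat point: nothing to regularise
        return 0.0
    z = [g[0] / norm, g[1] / norm]
    xh = [x[0] + h * z[0], x[1] + h * z[1]]
    _, gh = loss_and_input_grad(w, b, xh, y, counter)
    d = [(gh[0] - g[0]) / h, (gh[1] - g[1]) / h]
    return d[0] ** 2 + d[1] ** 2


def exact_curvature(w, b, x, y):
    """Closed-form ||H z||^2 for logistic regression, where the input
    Hessian is H = p(1-p) w w^T and z = +/- w/||w|| (sign cancels)."""
    p = sigmoid(w[0] * x[0] + w[1] * x[1] + b)
    wn = math.sqrt(w[0] ** 2 + w[1] ** 2)
    z = [w[0] / wn, w[1] / wn]
    s = p * (1 - p) * (w[0] * z[0] + w[1] * z[1])
    return (s * w[0]) ** 2 + (s * w[1]) ** 2


def regularised_objective(w, b, x, y, lam, counter=None):
    """Training objective with the curvature term added: loss + lam * curvature.
    Minimising this flattens the loss surface around x, which is the
    mechanism the abstract relies on for robustness."""
    counter = counter if counter is not None else [0]
    loss, _ = loss_and_input_grad(w, b, x, y, counter)
    return loss + lam * curvature_penalty(w, b, x, y, counter=counter)


def pgd_training_gradient_evals(steps, w, b, x, y, eps=0.1, alpha=0.03):
    """Gradient evaluations spent by one adversarial-training step with a
    `steps`-iteration PGD adversary: `steps` to build the perturbed input
    (clipped to the eps-ball) plus one to train on it."""
    counter = [0]
    xa = list(x)
    for _ in range(steps):
        _, g = loss_and_input_grad(w, b, xa, y, counter)
        for i in range(2):
            xa[i] += alpha * (1 if g[i] > 0 else -1 if g[i] < 0 else 0)
            xa[i] = min(max(xa[i], x[i] - eps), x[i] + eps)
    loss_and_input_grad(w, b, xa, y, counter)
    return counter[0]


def curvature_training_gradient_evals(w, b, x, y):
    """Gradient evaluations spent by one curvature-regularised step."""
    counter = [0]
    regularised_objective(w, b, x, y, lam=1.0, counter=counter)
    return counter[0]


if __name__ == "__main__":
    # Constructed sample values
    w, b, x, y = [1.5, -0.5], 0.2, [0.4, 1.0], 1
    print("finite-difference curvature:", curvature_penalty(w, b, x, y))
    print("closed-form curvature:      ", exact_curvature(w, b, x, y))
    print("gradient evals, 7-step PGD adversarial training:",
          pgd_training_gradient_evals(7, w, b, x, y))
    print("gradient evals, curvature-regularised training: ",
          curvature_training_gradient_evals(w, b, x, y))
```

The finite-difference estimate agrees with the closed-form curvature to within a fraction of a percent at h = 1e-3, while its cost stays fixed at two input gradients per example (plus the ordinary loss gradient), independent of how strong an adversary one would otherwise need to simulate; a K-step PGD adversarial-training step costs K + 1 gradients. That fixed, small cost is the source of the "less computational overhead" comparison in the abstract; the closed-form check is only possible here because the toy model's Hessian is known.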

Code Implementations: 1 repo