Colliding with Adversaries at ECML-PKDD 2025 Model Robustness Competition 1st Prize Solution
This work addresses robustness in machine learning models for high-energy physics discovery, but it is incremental as it builds on existing adversarial attack methods and competition frameworks.
The paper tackled the problem of designing a robust ANN-based model for binary classification in high-energy physics, achieving a mixed accuracy of 80% on both clean and adversarial data, which was 2 percentage points higher than the second-place solution in a competition.
This report presents the winning solution for Task 2 of Colliding with Adversaries: A Challenge on Robust Learning in High Energy Physics Discovery at ECML-PKDD 2025. The goal of the challenge was to design and train a robust ANN-based model capable of achieving high accuracy in a binary classification task on both clean and adversarial data generated with the Random Distribution Shuffle Attack (RDSA). Our solution consists of two components: a data generation phase and a robust model training phase. In the first phase, we produced 15 million artificial training samples using a custom methodology derived from Random Distribution Shuffle Attack (RDSA). In the second phase, we introduced a robust architecture comprising (i)a Feature Embedding Block with shared weights among features of the same type and (ii)a Dense Fusion Tail responsible for the final prediction. Training this architecture on our adversarial dataset achieved a mixed accuracy score of 80\%, exceeding the second-place solution by two percentage points.