{
  "id": "2008.06081",
  "version": "v1",
  "published": "2020-08-13T18:49:15.000Z",
  "updated": "2020-08-13T18:49:15.000Z",
  "title": "Adversarial Training and Provable Robustness: A Tale of Two Objectives",
  "authors": [
    "Jiameng Fan",
    "Wenchao Li"
  ],
  "comment": "16 pages",
  "categories": [
    "cs.LG",
    "stat.ML"
  ],
  "abstract": "We propose a principled framework that combines adversarial training and provable robustness verification for training certifiably robust neural networks. We formulate the training problem as a joint optimization problem with both empirical and provable robustness objectives and develop a novel gradient-descent technique that can eliminate bias in stochastic multi-gradients. We perform both theoretical analysis on the convergence of the proposed technique and experimental comparison with state-of-the-arts. Results on MNIST and CIFAR-10 show that our method can match or outperform prior approaches for provable l infinity robustness.",
  "revisions": [
    {
      "version": "v1",
      "updated": "2020-08-13T18:49:15.000Z"
    }
  ],
  "analyses": {
    "keywords": [
      "provable robustness",
      "adversarial training",
      "objectives",
      "outperform prior approaches",
      "training certifiably robust neural networks"
    ],
    "note": {
      "typesetting": "TeX",
      "pages": 16,
      "language": "en",
      "license": "arXiv",
      "status": "editable"
    }
  }
}