`

Timezone: »

 
Spotlight
Clustering Effect of Adversarial Robust Models
Yang Bai · Xin Yan · Yong Jiang · Shu-Tao Xia · Yisen Wang

@ None

Adversarial robustness has received increasing attention along with the study of adversarial examples. So far, existing works show that robust models not only obtain robustness against various adversarial attacks but also boost the performance in some downstream tasks. However, the underlying mechanism of adversarial robustness is still not clear. In this paper, we interpret adversarial robustness from the perspective of linear components, and find that there exist some statistical properties for comprehensively robust models. Specifically, robust models show obvious hierarchical clustering effect on their linearized sub-networks, when removing or replacing all non-linear components (e.g., batch normalization, maximum pooling, or activation layers). Based on these observations, we propose a novel understanding of adversarial robustness and apply it on more tasks including domain adaption and robustness boosting. Experimental evaluations demonstrate the rationality and superiority of our proposed clustering strategy.

Author Information

Yang Bai (Tsinghua University)
Xin Yan (None)
Yong Jiang (Tsinghua)
Shu-Tao Xia (Tsinghua University)
Yisen Wang (Peking University)

Related Events (a corresponding poster, oral, or spotlight)

More from the Same Authors