Timezone: »

PixMix: Dreamlike Pictures Comprehensively Improve Safety Measures
Dan Hendrycks · Andy Zou · Mantas Mazeika · Leonard Tang · Dawn Song · Jacob Steinhardt
Event URL: https://openreview.net/forum?id=WeUg_KpkFtt »

In real-world applications of machine learning, robust systems must consider measures of performance beyond standard test accuracy. These include out-of-distribution (OOD) robustness, prediction consistency, resilience to adversaries, calibrated uncertainty estimates, and the ability to detect anomalous inputs. However, optimizing for some of these measures often sacrifices performance on others. For instance, adversarial training only improves adversarial robustness and degrades classifier performance. Similarly, strong data augmentation and regularization techniques often improve OOD robustness at the cost of weaker anomaly detection, raising the question of whether a Pareto improvement is possible. We identify a weakness of existing data augmentation techniques---namely, while they inject additional entropy into the training set, the entropy does not contain substantial structural complexity. This leads us to design a new data augmentation strategy utilizing the natural structural complexity of fractals, which outperforms numerous baselines and is the first method to comprehensively improve safety measures.

Author Information

Dan Hendrycks (UC Berkeley)
Andy Zou (UC Berkeley)
Mantas Mazeika (University of Illinois Urbana-Champaign)
Leonard Tang (Harvard University)
Dawn Song (UC Berkeley)
Jacob Steinhardt (UC Berkeley)

More from the Same Authors