Generalization analysis of adversarial pairwise learning

被引：0

作者：

Wen, Wen ^{[1
]}

Li, Han ^{[1
,2
]}

Wu, Rui ^{[5
]}

Wu, Lingjuan ^{[1
]}

Chen, Hong ^{[1
,2
,3
,4
]}

机构：

[1] Huazhong Agr Univ, Coll Informat, Wuhan 430070, Peoples R China

[2] Minist Educ, Engn Res Ctr Intelligent Technol Agr, Wuhan 430070, Peoples R China

[3] Huazhong Agr Univ, Shenzhen Inst Nutr & Hlth, Shenzhen 518000, Peoples R China

[4] Chinese Acad Agr Sci, Shenzhen Branch, Guangdong Lab Lingnan Modern Agr, Genome Anal Lab,Minist Agr,Agr Genom Inst Shenzhen, Shenzhen 518000, Peoples R China

[5] Horizon Robot, Beijing 100190, Peoples R China

来源：

NEURAL NETWORKS | 2025年 / 183卷

关键词：

Adversarial pairwise learning; Perturbation attacks; Error analysis; Generalization bounds; RATES;

D O I：

10.1016/j.neunet.2024.106955

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Adversarial pairwise learning has become the predominant method to enhance the discrimination ability of models against adversarial attacks, achieving tremendous success in various application fields. Despite excellent empirical performance, adversarial robustness and generalization of adversarial pairwise learning remain poorly understood from the theoretical perspective. This paper moves towards this by establishing the high- probability generalization bounds. Our bounds generally apply to various models and pairwise learning tasks. We give application examples involving explicit bounds of adversarial bipartite ranking and adversarial metric learning to illustrate how the theoretical results can be extended. Furthermore, we develop the optimistic generalization bound at order c(n-1) on the sample size n by leveraging local Rademacher complexity. Our analysis provides meaningful theoretical guidance for improving adversarial robustness through feature size and regularization. Experimental results validate theoretical findings.

引用

页数：15

共 59 条

[21]

Kohavi R., 1996, KDD-96 Proceedings. Second International Conference on Knowledge Discovery and Data Mining, P202

[22]

Krizhevsky A, 2009, LEARNING MULTIPLE LA

[23]

Kurakin A., 2018, Artificial intelligence safety and security, P99, DOI DOI 10.1201/9781351251389-8

[24]

Ledent A, 2021, AAAI CONF ARTIF INTE, V35, P8279

[25]

Lei Y., 2020, ADV NEUR IN, P21236

[26] Data-Dependent Generalization Bounds for Multi-Class Classification [J].

Lei, Yunwen ;

Dogan, Urun ;

Zhou, Ding-Xuan ;

Kloft, Marius .

IEEE TRANSACTIONS ON INFORMATION THEORY, 2019, 65 (05) :2995-3021

[27]

Lei Yunwen, 2021, Advances in Neural Information Processing Systems, V34

[28] Discrete Point-wise Attack Is Not Enough: Generalized Manifold Adversarial Attack for Face Recognition [J].

Li, Qian ;

Hu, Yuxiao ;

Liu, Ye ;

Zhang, Dongxiao ;

Jin, Xin ;

Chen, Yuntian .

2023 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2023, :20575-20584

[29] Learning Rates for Nonconvex Pairwise Learning [J].

Li, Shaojie ;

Liu, Yong .

IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, 2023, 45 (08) :9996-10011

[30] Graph Sampling Based Deep Metric Learning for Generalizable Person Re-Identification [J].

Liao, Shengcai ;

Shao, Ling .

2022 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2022, :7349-7358

← 1 2 3 4 5 6 →