Seminar: Regularization for Adversarial Robust Learning (Published: 2024-11-27)
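Title: Regularization for Adversarial Robust Learning
Speaker: Jie Wang, Ph.D. Candidate, Georgia Institute of Technology
Host: Associate Professor 花成, Antai College of Economics and Management, Shanghai Jiao Tong University
Time: Wednesday, December 4, 2024, 14:00-15:30
Venue: Room A503, Antai Building
Abstract: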
Despite the growing prevalence of artificial neural networks in real-world applications, their vulnerability to adversarial attacks remains a significant concern, which motivates us to investigate the robustness of machine learning models. While various heuristics aim to optimize the distributionally robust risk using the Wasserstein metric, such a notion of robustness frequently encounters computational intractability. To tackle the computational challenge, we develop a novel approach to adversarial training that integrates phi-divergence regularization into the distributionally robust risk function. This regularization brings a notable improvement in computation compared with the original formulation. We develop stochastic gradient methods with biased oracles to solve this problem efficiently, achieving the near-optimal sample complexity. Moreover, we establish its regularization effects and demonstrate its asymptotic equivalence to a regularized empirical risk minimization framework, by considering various scaling regimes of the regularization parameter and robustness level. These regimes yield gradient norm regularization, variance regularization, or a smoothed gradient norm regularization that interpolates between these extremes. We numerically validate our proposed method in supervised learning, reinforcement learning, and contextual learning and showcase its state-of-the-art performance against various adversarial attacks.
Speaker bio:
Jie Wang is a final-year Ph.D. candidate in the H. Milton Stewart School of Industrial and Systems Engineering at Georgia Institute of Technology. He received his bachelor's degree in Pure Mathematics from The Chinese University of Hong Kong, Shenzhen. His main research studies decision-making under uncertainty. His research has been published in several top journals and conferences such as Operations Research, Information and Inference: a Journal of the IMA, IEEE Journal on Selected Areas in Communications, IEEE Journal on Selected Areas in Information Theory, NeurIPS, and AISTATS. He has received several awards, such as Winner in the 2022 INFORMS Poster Competition, Winner of the Best Theoretical Paper in the 2023 INFORMS Workshop on DMDA, and runner-up in the 2024 INFORMS Computing Society Best Student Paper Award.
All faculty and students are welcome to attend!