ML Anthology

Are Adversarial Examples Inevitable?

Ali Shafahi, W. Ronny Huang, Christoph Studer, Soheil Feizi, Tom Goldstein
ICLR 2019
/iclr/2019/shafahi2019iclr-adversarial/

Abstract

A wide range of defenses have been proposed to harden neural networks against adversarial attacks. However, a pattern has emerged in which the majority of adversarial defenses are quickly broken by new attacks. Given the lack of success at generating robust defenses, we are led to ask a fundamental question: Are adversarial attacks inevitable? This paper analyzes adversarial examples from a theoretical perspective, and identifies fundamental bounds on the susceptibility of a classifier to adversarial attacks. We show that, for certain classes of problems, adversarial examples are inescapable. Using experiments, we explore the implications of theoretical guarantees for real-world problems and discuss how factors such as dimensionality and image complexity limit a classifier's robustness against adversarial examples.

PDF ICLR Semantic Scholar

Cite

Text

Shafahi et al. "Are Adversarial Examples Inevitable?." International Conference on Learning Representations, 2019.

Markdown

[Shafahi et al. "Are Adversarial Examples Inevitable?." International Conference on Learning Representations, 2019.](https://mlanthology.org/iclr/2019/shafahi2019iclr-adversarial/)

BibTeX

@inproceedings{shafahi2019iclr-adversarial,
  title     = {{Are Adversarial Examples Inevitable?}},
  author    = {Shafahi, Ali and Huang, W. Ronny and Studer, Christoph and Feizi, Soheil and Goldstein, Tom},
  booktitle = {International Conference on Learning Representations},
  year      = {2019},
  url       = {https://mlanthology.org/iclr/2019/shafahi2019iclr-adversarial/}
}