Understanding adversarial robustness via optimal transport perspective.

Speaker: Jakwang Kim, UBC

Date: Wed, Sep 27, 2023

Location: Online

Conference: Emergent Research: The PIMS Postdoctoral Fellow Seminar

Subject: Mathematics

Class: Scientific


In this talk, I will present the recent progress of understanding adversarial multiclass classification problems, motivated by the empirical observation of the sensitivity of neural networks by small adversarial attacks. From the perspective of optimal transport theory, I will give equivalent reformulations of this problem in terms of 'generalized barycenter problems' and a family of multimarginal optimal transport problems. These new theoretical results reveal a rich geometric structure of adversarial learning problems in multiclass classification and extend recent results restricted to the binary classification setting. Furthermore, based on this optimal transport approach I will give the result of the existence of optimal robust classifiers which not only extends the binary setting to the general one but also provides shorter proof and an interpretation between adversarial training problems and related generalized barycenter problems.