The article discusses the vulnerability of deep learning models to adversarial attacks and the potential robustness of Bayesian Neural Networks (BNNs). It analyzes the geometry of adversarial attacks in BNNs and demonstrates that BNN posteriors are robust to gradient-based attacks in the over-parameterized limit. The paper provides theoretical proofs and empirical results supporting the robustness of BNNs to both gradient-based and gradient-free adversarial attacks on various datasets. It also explores the convergence of BNNs to Gaussian Processes and the implications for model robustness in safety-critical applications.
arxiv.org
by Luca Bortolu... at arxiv.org, 02-29-2024
https://arxiv.org/pdf/2207.06154.pdf