Notice: The reproducibility variables underlying each score are classified using an automated LLM-based pipeline, validated against a manually labeled dataset. LLM-based classification introduces uncertainty and potential bias; scores should be interpreted as estimates. Full accuracy metrics and methodology are described in [1].
Towards Efficient and Effective Adversarial Training
Authors: Gaurang Sriramanan, Sravanti Addepalli, Arya Baburaj, Venkatesh Babu R
NeurIPS 2021 | Venue PDF | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | 6 Experiments and Analysis, Overview of Datasets and Evaluations: We run extensive evaluation on the following three benchmark datasets: MNIST [18], CIFAR-10 [16] and a 100 class subset of Image Net [10, 26]. Table 1: CIFAR-10 White-box evaluation: Accuracy (%) of various defenses (rows) against different attacks for the CIFAR-10 dataset |
| Researcher Affiliation | Academia | Gaurang Sriramanan , Sravanti Addepalli , Arya Baburaj, R.Venkatesh Babu Video Analytics Lab, Department of Computational and Data Sciences Indian Institute of Science, Bangalore, India |
| Pseudocode | Yes | Algorithm 1 Nuclear Norm Adversarial Training |
| Open Source Code | Yes | Our code and pre-trained models are available here: https://github.com/val-iisc/Nu AT. |
| Open Datasets | Yes | We run extensive evaluation on the following three benchmark datasets: MNIST [18], CIFAR-10 [16] and a 100 class subset of Image Net [10, 26]. |
| Dataset Splits | Yes | For each dataset, we maintain a train-validation split that is balanced equally across all classes. We present details on the datasets, train-validation splits and model architectures in the Supplementary Section. |
| Hardware Specification | No | The paper does not explicitly describe the specific hardware used (e.g., GPU models, CPU types, memory) in its main body. The checklist indicates this information is in the Supplementary Material, which is not provided. |
| Software Dependencies | No | The paper does not provide specific ancillary software details with version numbers (e.g., “Python 3.8”, “PyTorch 1.9”). |
| Experiment Setup | Yes | The proposed regularizer in Eq.1 and Eq.2 is weighted by a factor λ, which controls the accuracy-robustness trade-off. We use the same weight λ for both adversary generation and training, which is linearly increased over the training epochs. Further, we use a novel cyclic-step learning rate schedule that incorporates the cyclic schedule in early epochs of training, and transitions to the use of a step schedule towards the end. Algorithm 1 lists Attack Size ε, Initial Noise Magnitude α, Epochs E, Learning Rate η as inputs. |