Wasserstein distributional robustness of neural networks
Authors: Xingjian Bai, Guangyi He, Yifan Jiang, Jan Obloj
NeurIPS 2023 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We conduct numerical experiments on CIFAR-10, CIFAR-100, Image Net datasets using DNNs on Robust Bench to illustrate our theoretical results. |
| Researcher Affiliation | Academia | Xingjian Bai Department of Computer Science University of Oxford, UK xingjian.bai@sjc.ox.ac.uk Guangyi He Mathematical Institute University of Oxford, UK guangyihe2002@outlook.com Yifan Jiang Mathematical Institute University of Oxford, UK yifan.jiang@maths.ox.ac.uk Jan Obłój Mathematical Institute University of Oxford, UK jan.obloj@maths.ox.ac.uk |
| Pseudocode | Yes | A pseudocode for the above attack is summarized in Appendix C. ... Appendix C contains 'Algorithm 1: W-PGD Algorithm', 'Algorithm 2: Loss Regularization', 'Algorithm 3: Adversarial Data Perturbation'. |
| Open Source Code | Yes | Our code is available at https://github.com/Jan Obloj/W-DRO-Adversarial-Methods. |
| Open Datasets | Yes | We conduct numerical experiments on CIFAR-10 (Krizhevsky, 2009), CIFAR-100 (Krizhevsky, 2009), Image Net (Deng et al., 2009) datasets. |
| Dataset Splits | No | The dataset is further divided into training and test sets, containing 50,000 and 10,000 images respectively. We evaluate the robustness of neural networks on the test set only. The paper does not explicitly mention a separate validation set split. |
| Hardware Specification | Yes | We conduct experiments on a high performance computing server equipped with 49 GPU nodes. ... In contrast, our attack took ca 50min to run (on a NVIDIA A100-SXM4-40GB GPU). ... the CW attack, which by construction was successful on all 1000 images, took ca 4.5h to run (on a Tesla V100-SXM2-32GB-LS GPU). |
| Software Dependencies | No | The algorithms are implemented in Python. The paper does not specify version numbers for Python or any specific libraries like PyTorch or TensorFlow. |
| Experiment Setup | Yes | All PGD attacks are run with 50 iteration steps and take between 1 and 12 hours to run on a single GPU environment. ... α is the step size and projδ is a projection... |