Catalogo dei prodotti della ricerca

Neural network pruning has shown to be an effective technique for reducing the network size, trading desirable properties like generalization and robustness to adversarial attacks for higher sparsity. Recent work has claimed that adversarial pruning methods can produce sparse networks while also preserving robustness to adversarial examples. In this work, we first re-evaluate three state-of-the-art adversarial pruning methods, showing that their robustness was indeed overestimated. We then compare pruned and dense versions of the same models, discovering that samples on thin ice, i.e., closer to the unpruned model’s decision boundary, are typically misclassified after pruning. We conclude by discussing how this intuition may lead to designing more effective adversarial pruning methods in future work.

Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks / Piras, Giorgio; Pintor, Maura; Demontis, Ambra; Biggio, Battista. - (2023), pp. 229-235. ( 2023 International Conference on Machine Learning and Cybernetics, ICMLC 2023 Adelaide, Australia ) [10.1109/ICMLC58545.2023.10327927].

Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks

Giorgio Piras
Primo
;
2023

Abstract

Neural network pruning has shown to be an effective technique for reducing the network size, trading desirable properties like generalization and robustness to adversarial attacks for higher sparsity. Recent work has claimed that adversarial pruning methods can produce sparse networks while also preserving robustness to adversarial examples. In this work, we first re-evaluate three state-of-the-art adversarial pruning methods, showing that their robustness was indeed overestimated. We then compare pruned and dense versions of the same models, discovering that samples on thin ice, i.e., closer to the unpruned model’s decision boundary, are typically misclassified after pruning. We conclude by discussing how this intuition may lead to designing more effective adversarial pruning methods in future work.
2023
2023 International Conference on Machine Learning and Cybernetics, ICMLC 2023
Machine Learning; Adversarial Examples; Adversarial Robustness; Neural Network Pruning
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks / Piras, Giorgio; Pintor, Maura; Demontis, Ambra; Biggio, Battista. - (2023), pp. 229-235. ( 2023 International Conference on Machine Learning and Cybernetics, ICMLC 2023 Adelaide, Australia ) [10.1109/ICMLC58545.2023.10327927].
04b Atto di convegno in volume
File allegati a questo prodotto
File Dimensione Formato  
Piras_Samples-on-Thin-Ice_2023.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 473.79 kB
Formato Adobe PDF
  Contatta l'autore
473.79 kB Adobe PDF   Contatta l'autore
Piras_preprint_Samples-on-Thin-Ice_2023.pdf

accesso aperto

Note: DOI: 10.1109/ICMLC58545.2023.10327927
Tipologia: Documento in Pre-print (manoscritto inviato all'editore, precedente alla peer review)
Licenza: Creative commons
Dimensione 380.56 kB
Formato Adobe PDF
380.56 kB Adobe PDF

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1691366
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact