A review of adversarial attack and defense for classification methods
Despite the efficiency and scalability of machine learning systems, recent studies have
demonstrated that many classification methods, especially Deep Neural Networks (DNNs) …
Better diffusion models further improve adversarial training
It has been recognized that the data generated by the denoising diffusion probabilistic
model (DDPM) improves adversarial training. After two years of rapid development in …
Cross-entropy loss functions: Theoretical analysis and applications
Cross-entropy is a widely used loss function in applications. It coincides with the logistic loss
applied to the outputs of a neural network, when the softmax is used. But, what guarantees …
Diffusion models for adversarial purification
Adversarial purification refers to a class of defense methods that remove adversarial
perturbations using a generative model. These methods do not make assumptions on the …
Towards trustworthy and aligned machine learning: A data-centric survey with causality perspectives
The trustworthiness of machine learning has emerged as a critical topic in the field,
encompassing various applications and research areas such as robustness, security …
Improving robustness using generated data
Recent work argues that robust training requires substantially larger datasets than those
required for standard classification. On CIFAR-10 and CIFAR-100, this translates into a …
Data augmentation can improve robustness
Adversarial training suffers from robust overfitting, a phenomenon where the robust test
accuracy starts to decrease during training. In this paper, we focus on reducing robust …
Accuracy on the line: on the strong correlation between out-of-distribution and in-distribution generalization
For machine learning systems to be reliable, we must understand their performance in
unseen, out-of-distribution environments. In this paper, we empirically show that out-of …
LAS-AT: adversarial training with learnable attack strategy
Adversarial training (AT) is always formulated as a minimax problem, of which the
performance depends on the inner optimization that involves the generation of adversarial …
A universal law of robustness via isoperimetry
Classically, data interpolation with a parametrized model class is possible as long as the
number of parameters is larger than the number of equations to be satisfied. A puzzling …