The Surprising Harmfulness of Benign Overfitting for Adversarial Robustness. (arXiv:2401.12236v2 [cs.LG] UPDATED)
cs.CR updates on arXiv.org
Recent empirical and theoretical studies have established the generalization capabilities of large machine learning models that are trained to (approximately or exactly) fit noisy data. In this work, we prove a surprising result: even if the ground truth itself is robust to adversarial examples, and the benignly overfitted model is benign in terms of the "standard" out-of-sample risk objective, this benign overfitting process can be harmful when out-of-sample data are subject to adversarial manipulation. More specifically, our main results …