Optimal Transport Model Distributional Robustness

Van-Anh Nguyen; Trung Le; Anh Tuan Bui; Thanh-Toan Do; Dinh Phung

Optimal Transport Model Distributional Robustness

Van-Anh Nguyen, Trung Le, Anh Tuan Bui, Thanh-Toan Do, Dinh Phung

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

Abstract

Distributional robustness is a promising framework for training deep learning models that are less vulnerable to adversarial examples and data distribution shifts. Previous works have mainly focused on exploiting distributional robustness in the data space. In this work, we explore an optimal transport-based distributional robustness framework in model spaces. Specifically, we examine a model distribution within a Wasserstein ball centered on a given model distribution that maximizes the loss. We have developed theories that enable us to learn the optimal robust center model distribution. Interestingly, our developed theories allow us to flexibly incorporate the concept of sharpness awareness into training, whether it's a single model, ensemble models, or Bayesian Neural Networks, by considering specific forms of the center model distribution. These forms include a Dirac delta distribution over a single model, a uniform distribution over several models, and a general Bayesian Neural Network. Furthermore, we demonstrate that Sharpness-Aware Minimization (SAM) is a specific case of our framework when using a Dirac delta distribution over a single model, while our framework can be seen as a probabilistic extension of SAM. To validate the effectiveness of our framework in the aforementioned settings, we conducted extensive experiments, and the results reveal remarkable improvements compared to the baselines.

Original language	English
Title of host publication	Advances in Neural Information Processing Systems 36 (NeurIPS 2023)
Editors	A. Oh, T. Naumann, A. Globerson, K. Saenko, M. Hardt, S. Levine
Place of Publication	San Diego CA USA
Publisher	Neural Information Processing Systems (NIPS)
Number of pages	14
ISBN (Electronic)	9781713899921
Publication status	Published - 2023
Event	Advances in Neural Information Processing Systems 2023 - Ernest N. Morial Convention Center, New Orleans, United States of America Duration: 10 Dec 2023 → 16 Dec 2023 Conference number: 37th https://openreview.net/group?id=NeurIPS.cc/2023/Conference#tab-accept-oral https://neurips.cc/ (Website) https://papers.nips.cc/paper_files/paper/2023 (Proceedings)

Publication series

Name	Advances in Neural Information Processing Systems
Publisher	Neural Information Processing Systems (NIPS)
Volume	36
ISSN (Print)	1049-5258

Conference

Conference	Advances in Neural Information Processing Systems 2023
Abbreviated title	NeurIPS 2023
Country/Territory	United States of America
City	New Orleans
Period	10/12/23 → 16/12/23
Internet address	https://openreview.net/group?id=NeurIPS.cc/2023/Conference#tab-accept-oral https://neurips.cc/ (Website) https://papers.nips.cc/paper_files/paper/2023 (Proceedings)

Access to Document

631147756-oaFinal published version, 535 KBLicence: CC BY

https://dl.acm.org/doi/10.5555/3666122.3667167Licence: CC BY

Cite this

Nguyen, V.-A., Le, T., Bui, A. T., Do, T.-T., & Phung, D. (2023). Optimal Transport Model Distributional Robustness. In A. Oh, T. Naumann, A. Globerson, K. Saenko, M. Hardt, & S. Levine (Eds.), Advances in Neural Information Processing Systems 36 (NeurIPS 2023) (Advances in Neural Information Processing Systems; Vol. 36). Neural Information Processing Systems (NIPS). https://dl.acm.org/doi/10.5555/3666122.3667167

Nguyen, Van-Anh ; Le, Trung ; Bui, Anh Tuan et al. / Optimal Transport Model Distributional Robustness. Advances in Neural Information Processing Systems 36 (NeurIPS 2023). editor / A. Oh ; T. Naumann ; A. Globerson ; K. Saenko ; M. Hardt ; S. Levine. San Diego CA USA : Neural Information Processing Systems (NIPS), 2023. (Advances in Neural Information Processing Systems).

@inproceedings{14452194e4e14883bc61337f57b88880,

title = "Optimal Transport Model Distributional Robustness",

abstract = "Distributional robustness is a promising framework for training deep learning models that are less vulnerable to adversarial examples and data distribution shifts. Previous works have mainly focused on exploiting distributional robustness in the data space. In this work, we explore an optimal transport-based distributional robustness framework in model spaces. Specifically, we examine a model distribution within a Wasserstein ball centered on a given model distribution that maximizes the loss. We have developed theories that enable us to learn the optimal robust center model distribution. Interestingly, our developed theories allow us to flexibly incorporate the concept of sharpness awareness into training, whether it's a single model, ensemble models, or Bayesian Neural Networks, by considering specific forms of the center model distribution. These forms include a Dirac delta distribution over a single model, a uniform distribution over several models, and a general Bayesian Neural Network. Furthermore, we demonstrate that Sharpness-Aware Minimization (SAM) is a specific case of our framework when using a Dirac delta distribution over a single model, while our framework can be seen as a probabilistic extension of SAM. To validate the effectiveness of our framework in the aforementioned settings, we conducted extensive experiments, and the results reveal remarkable improvements compared to the baselines.",

author = "Van-Anh Nguyen and Trung Le and Bui, {Anh Tuan} and Thanh-Toan Do and Dinh Phung",

note = "Publisher Copyright: {\textcopyright} 2023 Neural information processing systems foundation. All rights reserved.; Advances in Neural Information Processing Systems 2023, NeurIPS 2023 ; Conference date: 10-12-2023 Through 16-12-2023",

year = "2023",

language = "English",

series = "Advances in Neural Information Processing Systems",

publisher = "Neural Information Processing Systems (NIPS)",

editor = "A. Oh and T. Naumann and A. Globerson and K. Saenko and M. Hardt and S. Levine",

booktitle = "Advances in Neural Information Processing Systems 36 (NeurIPS 2023)",

url = "https://openreview.net/group?id=NeurIPS.cc/2023/Conference#tab-accept-oral, https://neurips.cc/, https://papers.nips.cc/paper_files/paper/2023",

}

Nguyen, V-A , Le, T , Bui, AT , Do, T-T & Phung, D 2023, Optimal Transport Model Distributional Robustness. in A Oh, T Naumann, A Globerson, K Saenko, M Hardt & S Levine (eds), Advances in Neural Information Processing Systems 36 (NeurIPS 2023). Advances in Neural Information Processing Systems, vol. 36, Neural Information Processing Systems (NIPS), San Diego CA USA, Advances in Neural Information Processing Systems 2023, New Orleans, Louisiana, United States of America, 10/12/23. <https://dl.acm.org/doi/10.5555/3666122.3667167>

Optimal Transport Model Distributional Robustness. / Nguyen, Van-Anh ; Le, Trung ; Bui, Anh Tuan et al.
Advances in Neural Information Processing Systems 36 (NeurIPS 2023). ed. / A. Oh; T. Naumann; A. Globerson; K. Saenko; M. Hardt; S. Levine. San Diego CA USA: Neural Information Processing Systems (NIPS), 2023. (Advances in Neural Information Processing Systems; Vol. 36).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Optimal Transport Model Distributional Robustness

AU - Nguyen, Van-Anh

AU - Le, Trung

AU - Bui, Anh Tuan

AU - Do, Thanh-Toan

AU - Phung, Dinh

N1 - Conference code: 37th

PY - 2023

Y1 - 2023

N2 - Distributional robustness is a promising framework for training deep learning models that are less vulnerable to adversarial examples and data distribution shifts. Previous works have mainly focused on exploiting distributional robustness in the data space. In this work, we explore an optimal transport-based distributional robustness framework in model spaces. Specifically, we examine a model distribution within a Wasserstein ball centered on a given model distribution that maximizes the loss. We have developed theories that enable us to learn the optimal robust center model distribution. Interestingly, our developed theories allow us to flexibly incorporate the concept of sharpness awareness into training, whether it's a single model, ensemble models, or Bayesian Neural Networks, by considering specific forms of the center model distribution. These forms include a Dirac delta distribution over a single model, a uniform distribution over several models, and a general Bayesian Neural Network. Furthermore, we demonstrate that Sharpness-Aware Minimization (SAM) is a specific case of our framework when using a Dirac delta distribution over a single model, while our framework can be seen as a probabilistic extension of SAM. To validate the effectiveness of our framework in the aforementioned settings, we conducted extensive experiments, and the results reveal remarkable improvements compared to the baselines.

AB - Distributional robustness is a promising framework for training deep learning models that are less vulnerable to adversarial examples and data distribution shifts. Previous works have mainly focused on exploiting distributional robustness in the data space. In this work, we explore an optimal transport-based distributional robustness framework in model spaces. Specifically, we examine a model distribution within a Wasserstein ball centered on a given model distribution that maximizes the loss. We have developed theories that enable us to learn the optimal robust center model distribution. Interestingly, our developed theories allow us to flexibly incorporate the concept of sharpness awareness into training, whether it's a single model, ensemble models, or Bayesian Neural Networks, by considering specific forms of the center model distribution. These forms include a Dirac delta distribution over a single model, a uniform distribution over several models, and a general Bayesian Neural Network. Furthermore, we demonstrate that Sharpness-Aware Minimization (SAM) is a specific case of our framework when using a Dirac delta distribution over a single model, while our framework can be seen as a probabilistic extension of SAM. To validate the effectiveness of our framework in the aforementioned settings, we conducted extensive experiments, and the results reveal remarkable improvements compared to the baselines.

UR - http://www.scopus.com/inward/record.url?scp=85174796305&partnerID=8YFLogxK

M3 - Conference Paper

AN - SCOPUS:85174796305

T3 - Advances in Neural Information Processing Systems

BT - Advances in Neural Information Processing Systems 36 (NeurIPS 2023)

A2 - Oh, A.

A2 - Naumann, T.

A2 - Globerson, A.

A2 - Saenko, K.

A2 - Hardt, M.

A2 - Levine, S.

PB - Neural Information Processing Systems (NIPS)

CY - San Diego CA USA

T2 - Advances in Neural Information Processing Systems 2023

Y2 - 10 December 2023 through 16 December 2023

ER -

Optimal Transport Model Distributional Robustness

Abstract

Publication series

Conference

Access to Document

Other files and links

Exploiting Geometries of Learning for Fast, Adaptive and Robust AI

Cite this

Optimal Transport Model Distributional Robustness

Abstract

Publication series

Conference

Access to Document

Other files and links

Projects

Exploiting Geometries of Learning for Fast, Adaptive and Robust AI

Cite this