Adversarial Robustness in Multi-Task Learning: Promises and Illusions

Salah Ghamizi; Maxime Cordy; Mike Papadakis; Yves Le Traon

doi:10.1609/aaai.v36i1.19950

Adversarial Robustness in Multi-Task Learning: Promises and Illusions

Salah Ghamizi, Maxime Cordy, Mike Papadakis, Yves Le Traon

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

7 Citations (Scopus)

Abstract

Vulnerability to adversarial attacks is a well-known weakness of Deep Neural networks. While most of the studies focus on single-task neural networks with computer vision datasets, very little research has considered complex multi-task models that are common in real applications. In this paper, we evaluate the design choices that impact the robustness of multi-task deep learning networks. We provide evidence that blindly adding auxiliary tasks, or weighing the tasks provides a false sense of robustness. Thereby, we tone down the claim made by previous research and study the different factors which may affect robustness. In particular, we show that the choice of the task to incorporate in the loss function are important factors that can be leveraged to yield more robust models. We provide the appendix, all our algorithms, models, and open source-code at https://github.com/yamizi/taskaugment.

Original language	English
Title of host publication	AAAI-22 Technical Tracks 1
Publisher	Association for the Advancement of Artificial Intelligence
Pages	697-705
Number of pages	9
ISBN (Electronic)	1577358767, 9781577358763
DOIs	https://doi.org/10.1609/aaai.v36i1.19950
Publication status	Published - 30 Jun 2022
Externally published	Yes
Event	36th AAAI Conference on Artificial Intelligence, AAAI 2022 - Virtual, Online Duration: 22 Feb 2022 → 1 Mar 2022

Publication series

Name	Proceedings of the 36th AAAI Conference on Artificial Intelligence, AAAI 2022
Volume	36

Conference

Conference	36th AAAI Conference on Artificial Intelligence, AAAI 2022
City	Virtual, Online
Period	22/02/22 → 1/03/22

Access to Document

10.1609/aaai.v36i1.19950

Cite this

@inproceedings{98fd0c28ef104c9cba839e778dc31d03,

title = "Adversarial Robustness in Multi-Task Learning: Promises and Illusions",

abstract = "Vulnerability to adversarial attacks is a well-known weakness of Deep Neural networks. While most of the studies focus on single-task neural networks with computer vision datasets, very little research has considered complex multi-task models that are common in real applications. In this paper, we evaluate the design choices that impact the robustness of multi-task deep learning networks. We provide evidence that blindly adding auxiliary tasks, or weighing the tasks provides a false sense of robustness. Thereby, we tone down the claim made by previous research and study the different factors which may affect robustness. In particular, we show that the choice of the task to incorporate in the loss function are important factors that can be leveraged to yield more robust models. We provide the appendix, all our algorithms, models, and open source-code at https://github.com/yamizi/taskaugment.",

author = "Salah Ghamizi and Maxime Cordy and Mike Papadakis and {Le Traon}, Yves",

note = "Publisher Copyright: Copyright {\textcopyright} 2022, Association for the Advancement of Artificial Intelligence (www.aaai.org). All rights reserved.; 36th AAAI Conference on Artificial Intelligence, AAAI 2022 ; Conference date: 22-02-2022 Through 01-03-2022",

year = "2022",

month = jun,

day = "30",

doi = "10.1609/aaai.v36i1.19950",

language = "English",

series = "Proceedings of the 36th AAAI Conference on Artificial Intelligence, AAAI 2022",

publisher = "Association for the Advancement of Artificial Intelligence",

pages = "697--705",

booktitle = "AAAI-22 Technical Tracks 1",

}

Ghamizi, S, Cordy, M, Papadakis, M & Le Traon, Y 2022, Adversarial Robustness in Multi-Task Learning: Promises and Illusions. in AAAI-22 Technical Tracks 1. Proceedings of the 36th AAAI Conference on Artificial Intelligence, AAAI 2022, vol. 36, Association for the Advancement of Artificial Intelligence, pp. 697-705, 36th AAAI Conference on Artificial Intelligence, AAAI 2022, Virtual, Online, 22/02/22. https://doi.org/10.1609/aaai.v36i1.19950

Adversarial Robustness in Multi-Task Learning: Promises and Illusions. / Ghamizi, Salah; Cordy, Maxime; Papadakis, Mike et al.
AAAI-22 Technical Tracks 1. Association for the Advancement of Artificial Intelligence, 2022. p. 697-705 (Proceedings of the 36th AAAI Conference on Artificial Intelligence, AAAI 2022; Vol. 36).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Adversarial Robustness in Multi-Task Learning

T2 - 36th AAAI Conference on Artificial Intelligence, AAAI 2022

AU - Ghamizi, Salah

AU - Cordy, Maxime

AU - Papadakis, Mike

AU - Le Traon, Yves

PY - 2022/6/30

Y1 - 2022/6/30

N2 - Vulnerability to adversarial attacks is a well-known weakness of Deep Neural networks. While most of the studies focus on single-task neural networks with computer vision datasets, very little research has considered complex multi-task models that are common in real applications. In this paper, we evaluate the design choices that impact the robustness of multi-task deep learning networks. We provide evidence that blindly adding auxiliary tasks, or weighing the tasks provides a false sense of robustness. Thereby, we tone down the claim made by previous research and study the different factors which may affect robustness. In particular, we show that the choice of the task to incorporate in the loss function are important factors that can be leveraged to yield more robust models. We provide the appendix, all our algorithms, models, and open source-code at https://github.com/yamizi/taskaugment.

AB - Vulnerability to adversarial attacks is a well-known weakness of Deep Neural networks. While most of the studies focus on single-task neural networks with computer vision datasets, very little research has considered complex multi-task models that are common in real applications. In this paper, we evaluate the design choices that impact the robustness of multi-task deep learning networks. We provide evidence that blindly adding auxiliary tasks, or weighing the tasks provides a false sense of robustness. Thereby, we tone down the claim made by previous research and study the different factors which may affect robustness. In particular, we show that the choice of the task to incorporate in the loss function are important factors that can be leveraged to yield more robust models. We provide the appendix, all our algorithms, models, and open source-code at https://github.com/yamizi/taskaugment.

UR - http://www.scopus.com/inward/record.url?scp=85147672327&partnerID=8YFLogxK

U2 - 10.1609/aaai.v36i1.19950

DO - 10.1609/aaai.v36i1.19950

M3 - Conference contribution

AN - SCOPUS:85147672327

T3 - Proceedings of the 36th AAAI Conference on Artificial Intelligence, AAAI 2022

SP - 697

EP - 705

BT - AAAI-22 Technical Tracks 1

PB - Association for the Advancement of Artificial Intelligence

Y2 - 22 February 2022 through 1 March 2022

ER -

Adversarial Robustness in Multi-Task Learning: Promises and Illusions

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this