# Code for "Characterizing the Impacts of Instances on Robustness"

## Basic Information

- Paper: https://aclanthology.org/2023.findings-acl.146.pdf
- Authors: Rui Zheng*, Zhiheng Xi*, Qin Liu, Wenbin Lai, Tao Gui, Qi Zhang, Xuanjing Huang, Jin Ma, Ying Shan, Weifeng Ge.
- Abstract: Building robust deep neural networks (DNNs) against adversarial attacks is an important but challenging task. Previous defense approaches mainly focus on developing new model structures or training algorithms, but they do little to tap the potential of training instances, especially instances with robust patterns carrying innate robustness. In this paper, we show that robust and non-robust instances in the training dataset, though both important for test performance, have contrary impacts on robustness, which makes it possible to build a highly robust model by leveraging the training dataset in a more effective way. We propose a new method that can distinguish robust instances from non-robust ones according to the model's sensitivity to perturbations on individual instances during training. Surprisingly, we find that the model under standard training easily overfits the robust instances by relying on their simple patterns before the model completely learns their robust features. Finally, we propose a new mitigation algorithm to further unlock the potential of robust instances. Experimental results show that proper use of the robust instances already in the original dataset is a new way to achieve highly robust models. Our code is publicly available at https://github.com/ruizheng20/robust_data.

## Usage

- Collect robustness statistics for the training dataset:

  ```shell
  python data_statistics.py
  ```

- The statistics are saved to the following path (see `data_statistics.py`):

  ```python
  np.save('robust_statistics_model{}_dataset{}_task{}_seed{}_shuffle{}_len{}_adv_steps{}_adv_lr{}_epoch{}_lr{}_interval{}_with_untrained_model{}_use_cur_preds{}.npy'
          .format(args.model_name,
                  args.dataset_name,
                  args.task_name,
                  args.seed,
                  args.do_train_shuffle,
                  args.dataset_len,
                  args.adv_steps,
                  args.adv_lr,
                  args.epochs,
                  args.lr,
                  args.statistic_interval,
                  args.with_untrained_model,
                  args.use_cur_preds),
          robust_statistics_dict)
  ```
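Because `robust_statistics_dict` is a Python dict, the saved `.npy` file must be loaded back with `allow_pickle=True` and unwrapped with `.item()`. A minimal round-trip sketch, where the dict contents and file name are placeholders rather than the repo's actual statistics:

```python
import numpy as np

# Placeholder standing in for the statistics dict produced by data_statistics.py.
robust_statistics_dict = {0: {"sensitivity": 0.12}, 1: {"sensitivity": 0.87}}

path = "robust_statistics_example.npy"  # hypothetical name; the real file encodes your args
np.save(path, robust_statistics_dict)

# np.save stores the dict inside a 0-d object array, so unwrap it with .item().
stats = np.load(path, allow_pickle=True).item()
```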
- Draw plots to visualize data robustness (remember to set your statistics path in the file):

  ```shell
  cd plot_utils
  python plotting.py
  ```

- Run the Flooding method with robust data:

  ```shell
  cd new_fine_tune_flooding
  sh run_sst2_new_finetune_flooding.sh
  ```

- Run the Soft Label method with robust data:

  ```shell
  cd new_fine_tune_flooding
  sh run_sst2_new_finetune_soft_label.sh
  ```
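The Flooding step above builds on the flooding regularizer of Ishida et al. (2020), which keeps the training loss hovering around a flood level `b` instead of driving it to zero, discouraging the overfitting to robust instances' simple patterns described in the abstract. A minimal scalar sketch, assuming the repo's scripts implement the standard flooding objective (they apply it per batch during fine-tuning; the flood level here is illustrative):

```python
def flooded(loss: float, b: float) -> float:
    # Flooding: once the loss drops below the flood level b, the sign of the
    # gradient flips, pushing the loss back up toward b instead of zero.
    return abs(loss - b) + b

# Above the flood level the loss is unchanged; below it, it is mirrored upward.
high = flooded(0.30, 0.10)  # unchanged: still about 0.30
low = flooded(0.05, 0.10)   # mirrored above b: about 0.15
```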

## Plot & Performance

- Robust Data Map *(figure omitted)*

- Final Performance *(figure omitted)*

- See more analysis in our paper!

## Citation

```bibtex
@inproceedings{zheng2023characterizing,
  title={Characterizing the Impacts of Instances on Robustness},
  author={Zheng, Rui and Xi, Zhiheng and Liu, Qin and Lai, Wenbin and Gui, Tao and Zhang, Qi and Huang, Xuan-Jing and Ma, Jin and Shan, Ying and Ge, Weifeng},
  booktitle={Findings of the Association for Computational Linguistics: ACL 2023},
  pages={2314--2332},
  year={2023}
}
```