We demonstrate, theoretically and empirically, that adversarial robustness can significantly
benefit from semisupervised learning. Theoretically, we revisit the simple Gaussian model of …

Several works have proposed Simplicity Bias (SB)---the tendency of standard training
procedures such as Stochastic Gradient Descent (SGD) to find simple models---to justify why …

Why are classifiers in high dimension vulnerable to “adversarial” perturbations? We show
that it is likely not due to information theoretic limitations, but rather it could be due to …

We investigate two causes for adversarial vulnerability in deep neural networks: bad data
and (poorly) trained models. When trained with SGD, deep neural networks essentially …

Adversarial or test time robustness measures the susceptibility of a classifier to perturbations
to the test input. While there has been a flurry of recent work on designing defenses against …

Adversarial robustness is a critical property in a variety of modern machine learning
applications. While it has been the subject of several recent theoretical studies, many …

It is becoming increasingly important to understand the vulnerability of machine learning
models to adversarial attacks. In this paper we study the feasibility of adversarially robust …

We study the computational complexity of adversarially robust proper learning of halfspaces
in the distribution-independent agnostic PAC model, with a focus on $ L_p $ perturbations …

Data augmentation by incorporating cheap unlabeled data from multiple domains is a
powerful way to improve prediction especially when there is limited labeled data. In this …

In this work, we study the trade-off between differential privacy and adversarial robustness
under $ L_2 $-perturbations in the context of learning halfspaces. We prove nearly tight …