Adversarial training through the lens of optimal transport

Abstract

Modern machine learning methods, in particular deep learning approaches, have enjoyed unparalleled success in a variety of challenging application fields like image recognition, medical image reconstruction, and natural language processing. While the vast majority of previous research in machine learning focused on constructing and understanding models with high predictive power, consensus has emerged that other properties like stability and robustness of models are of equal importance and in many applications are essential. This has motivated researchers to investigate the problem of adversarial training, that is, how to make models robust to adversarial attacks. Despite the development of several computational strategies for adversarial training and some theoretical development in the broader distributionally robust optimization literature, several theoretical questions about it remain relatively unexplored. In this talk, I will take an analytical perspective on the adversarial robustness problem and explore two questions: 1) Can we use analytical tools to find lower bounds for adversarial robustness problems? 2) How do we use modern tools from analysis and geometry to solve adversarial robustness problems? I will showcase how ideas from optimal transport theory can provide answers to these questions.

This talk is based on joint works with Camilo Andrés García Trillos, Matt Jacobs, and Jakwang Kim.

Date
2023, Feb 23 10:00 AM PST
Event
KI Seminar
Location
Online (Zoom)
