{"article_number":"2204.07373","_id":"11366","department":[{"_id":"ToHe"}],"language":[{"iso":"eng"}],"abstract":[{"text":"Adversarial training (i.e., training on adversarially perturbed input data) is a well-studied method for making neural networks robust to potential adversarial attacks during inference. However, the improved robustness does not\r\ncome for free but rather is accompanied by a decrease in overall model accuracy and performance. Recent work has shown that, in practical robot learning applications, the effects of adversarial training do not pose a fair trade-off\r\nbut inflict a net loss when measured in holistic robot performance. This work revisits the robustness-accuracy trade-off in robot learning by systematically analyzing if recent advances in robust training methods and theory in\r\nconjunction with adversarial robot learning can make adversarial training suitable for real-world robot applications. We evaluate a wide variety of robot learning tasks ranging from autonomous driving in a high-fidelity environment\r\namenable to sim-to-real deployment, to mobile robot gesture recognition. Our results demonstrate that, while these techniques make incremental improvements on the trade-off on a relative scale, the negative side-effects caused by\r\nadversarial training still outweigh the improvements by an order of magnitude. We conclude that more substantial advances in robust learning methods are necessary before they can benefit robot learning tasks in practice.","lang":"eng"}],"main_file_link":[{"url":"https://doi.org/10.48550/arXiv.2204.07373","open_access":"1"}],"publication_status":"submitted","citation":{"ama":"Lechner M, Amini A, Rus D, Henzinger TA. Revisiting the adversarial robustness-accuracy tradeoff in robot learning. arXiv. doi:10.48550/arXiv.2204.07373","ista":"Lechner M, Amini A, Rus D, Henzinger TA. Revisiting the adversarial robustness-accuracy tradeoff in robot learning. arXiv, 2204.07373.","apa":"Lechner, M., Amini, A., Rus, D., & Henzinger, T. A. (n.d.). Revisiting the adversarial robustness-accuracy tradeoff in robot learning. arXiv. https://doi.org/10.48550/arXiv.2204.07373","chicago":"Lechner, Mathias, Alexander Amini, Daniela Rus, and Thomas A Henzinger. “Revisiting the Adversarial Robustness-Accuracy Tradeoff in Robot Learning.” ArXiv, n.d. https://doi.org/10.48550/arXiv.2204.07373.","short":"M. Lechner, A. Amini, D. Rus, T.A. Henzinger, ArXiv (n.d.).","mla":"Lechner, Mathias, et al. “Revisiting the Adversarial Robustness-Accuracy Tradeoff in Robot Learning.” ArXiv, 2204.07373, doi:10.48550/arXiv.2204.07373.","ieee":"M. Lechner, A. Amini, D. Rus, and T. A. Henzinger, “Revisiting the adversarial robustness-accuracy tradeoff in robot learning,” arXiv. ."},"date_published":"2022-04-15T00:00:00Z","ec_funded":1,"month":"04","article_processing_charge":"No","external_id":{"arxiv":["2204.07373"]},"date_updated":"2023-08-01T13:36:50Z","type":"preprint","publication":"arXiv","day":"15","author":[{"id":"3DC22916-F248-11E8-B48F-1D18A9856A87","full_name":"Lechner, Mathias","first_name":"Mathias","last_name":"Lechner"},{"full_name":"Amini, Alexander","first_name":"Alexander","last_name":"Amini"},{"first_name":"Daniela","last_name":"Rus","full_name":"Rus, Daniela"},{"orcid":"0000-0002-2985-7724","full_name":"Henzinger, Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","first_name":"Thomas A","last_name":"Henzinger"}],"doi":"10.48550/arXiv.2204.07373","project":[{"call_identifier":"H2020","grant_number":"101020093","name":"Vigilant Algorithmic Monitoring of Software","_id":"62781420-2b32-11ec-9570-8d9b63373d4d"}],"title":"Revisiting the adversarial robustness-accuracy tradeoff in robot learning","status":"public","acknowledgement":"This work was supported in parts by the ERC-2020-AdG 101020093, National Science Foundation (NSF), and JP\r\nMorgan Graduate Fellowships. We thank Christoph Lampert for inspiring this work.\r\n","related_material":{"record":[{"status":"public","id":"11362","relation":"dissertation_contains"},{"status":"public","relation":"later_version","id":"12704"}]},"year":"2022","oa_version":"Preprint","oa":1,"user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","date_created":"2022-05-12T13:20:17Z"}