Statistical and Computational Analysis of Adversarial Training

Files
XIE-DISSERTATION-2025.pdf (2.71 MB)
Author(s)
Xie, Yiling
Advisor(s)
Editor(s)
Associated Organization(s)
Organizational Unit
Organizational Unit
Series
Collections
Theses and Dissertations
Supplementary to:
Permanent Link
https://hdl.handle.net/1853/78631
Abstract
Adversarial training is a powerful tool to hedge against data perturbations and distributional shifts, and has been widely used in large language models, computer vision, cybersecurity, etc. While the empirical risk minimization procedure optimizes the empirical loss, the adversarial training procedure seeks conservative solutions that optimize the worst-case loss. In general, there are two ways to define worst-case loss: Wasserstein-distance-based and perturbation-based. In this thesis, we present a statistical and computational analysis of adversarial training. For the Wasserstein-distance-based adversarial training problem—also known as Wasserstein distributionally robust optimization—we explore both the computational aspects of the Wasserstein distance and the statistical properties of this framework. In the case of perturbation-based adversarial training, our focus is primarily on its statistical properties. Importantly, we establish computational and statistical foundations of adversarial training, including computational complexity, convergence rates, asymptotic distributions, and minimax optimality. Building on these insights, we propose potential improvements with provable theoretical guarantees.
Sponsor
Date
2025-05-28
Extent
Resource Type
Text
Resource Subtype
Dissertation
Rights Statement
Rights URI