How to Improve Model Robustness? A Distributional-Discrepancy Perspective
Speaker: Jiacheng Zhang
Title: How to Improve Model Robustness? A Distributional-Discrepancy Perspective
Time: 11 am, Tuesday, 2 December 2025
Location: 290-4-4206 (Edinburgh Room)
Zoom: https://unimelb.zoom.us/j/9969138032?pwd=NCtxT0Z1OWp3RUREVmxxV1hBMkxDZz09
or meetingId/pwd: uomnlp/uomnlp
Abstract:
Defending against adversarial examples is a long-standing problem in machine learning. In this talk, I will focus on the theme "How to Improve Model Robustness? A Distributional-Discrepancy Perspective" and introduce our two latest works, both accepted at ICML 2025. The first work introduces a diffusion-based adversarial purification framework. To the best of our knowledge, this is the first framework that enables differential treatment of natural and adversarial samples within a diffusion model, allowing the model to preserve the semantic content of purified natural samples while largely removing adversarial noise. This leads to simultaneous gains in both clean accuracy and robustness. The second work presents a new adversarial defense framework that jointly detects and purifies adversarial examples. In this framework, distributional discrepancy serves both as a guiding signal and as a discriminative signal. For incoming data, the framework adopts a two-pronged strategy: samples detected as natural are passed directly to the classifier, while samples detected as adversarial are sent to a discrepancy-guided denoiser for noise removal. Experiments show that this framework again improves both clean accuracy and robustness. Across both works, distributional discrepancy plays a pivotal role, further demonstrating the importance of exploiting the distributional gap between natural and adversarial samples. We hope this line of work will encourage more researchers to address model robustness from the perspective of distributional discrepancies.
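The two-pronged detect-then-purify routing described in the abstract, as an added illustration that is not the speaker's code and does not reproduce either ICML 2025 method. It assumes a constructed 2-D Gaussian "natural" reference set, a per-sample kernel similarity to that set as the discrepancy score (the cross term of an MMD statistic), and a kernel-weighted mean-shift update as a stand-in for the discrepancy-guided denoiser; the classifier and diffusion model from the talk are not modelled.

```python
"""Added illustration (not the speaker's code): a detect-then-purify defence
that routes inputs by a distributional-discrepancy score.

Assumptions (constructed for this example):
  * "natural" data is a 2-D Gaussian cloud used as the reference distribution;
  * the discrepancy score is the mean RBF kernel similarity between a sample
    and the reference set (the per-sample cross term of an MMD estimate);
  * the "denoiser" is a kernel-weighted mean-shift update that pulls a flagged
    sample toward the reference distribution, so the same discrepancy signal
    that detects the sample also guides its purification.
"""
import numpy as np

SIGMA = 1.0      # RBF kernel bandwidth (assumed)
QUANTILE = 0.05  # flag inputs scoring below this quantile of reference scores


def make_reference(n=200, seed=0):
    """Constructed stand-in for the natural data distribution."""
    return np.random.default_rng(seed).normal(size=(n, 2))


def rbf_similarity(x, ref, sigma=SIGMA):
    """Mean RBF kernel value between sample x and every reference point.

    Values near 0.5 mean x sits inside the reference cloud; values near zero
    mean it is far from it (large discrepancy).
    """
    d2 = np.sum((ref - np.asarray(x, dtype=float)) ** 2, axis=1)
    return float(np.mean(np.exp(-d2 / (2 * sigma ** 2))))


def fit_threshold(ref, quantile=QUANTILE, sigma=SIGMA):
    """Detection threshold: a low quantile of the reference points' own scores."""
    scores = [rbf_similarity(r, ref, sigma) for r in ref]
    return float(np.quantile(scores, quantile))


def is_adversarial(x, ref, threshold, sigma=SIGMA):
    """Discriminative use of the discrepancy: flag samples far from the reference."""
    return rbf_similarity(x, ref, sigma) < threshold


def purify(x, ref, sigma=SIGMA, steps=100, tol=1e-6):
    """Guiding use of the discrepancy: mean-shift the sample toward the reference.

    Each step replaces x by the kernel-weighted average of the reference
    points, which increases the similarity score monotonically until a mode
    of the kernel density estimate is reached.
    """
    x = np.asarray(x, dtype=float).copy()
    for _ in range(steps):
        w = np.exp(-np.sum((ref - x) ** 2, axis=1) / (2 * sigma ** 2))
        if w.sum() < 1e-12:
            # Too far for any kernel weight: take a coarse step toward the mean.
            x_new = x + 0.5 * (ref.mean(axis=0) - x)
        else:
            x_new = (w[:, None] * ref).sum(axis=0) / w.sum()
        converged = np.linalg.norm(x_new - x) < tol
        x = x_new
        if converged:
            break
    return x


def defend(points, ref, sigma=SIGMA, quantile=QUANTILE):
    """Two-pronged routing: natural -> classifier as-is; adversarial -> purify first.

    Returns (label, sample_passed_to_classifier) per input.
    """
    threshold = fit_threshold(ref, quantile, sigma)
    routed = []
    for x in np.asarray(points, dtype=float):
        if is_adversarial(x, ref, threshold, sigma):
            routed.append(("adversarial", purify(x, ref, sigma)))
        else:
            routed.append(("natural", x))
    return routed


if __name__ == "__main__":
    ref = make_reference()
    # Constructed probes: two in-distribution points, two far-shifted ones.
    probes = [(0.0, 0.0), (0.5, -0.3), (3.0, 3.0), (-3.5, 2.5)]
    for p, (label, out) in zip(probes, defend(probes, ref)):
        print(p, label, np.round(out, 2), round(rbf_similarity(out, ref), 3))
```

Only the two far-shifted probes are sent through `purify`; the in-distribution probes reach the classifier untouched, which is the property the abstract attributes to the joint design (clean accuracy is not paid for by denoising every input).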
Bio: Jiacheng is a third-year PhD candidate in the Trustworthy Machine Learning and Reasoning (TMLR) group in the Faculty of Engineering and Information Technology, the University of Melbourne, supervised by Dr Feng Liu and Prof. Ben Rubinstein. He is passionate about advancing the field of trustworthy machine learning, with a long-term vision of enabling safe, reliable, and ethically aligned AI systems that can be responsibly deployed in real-world environments. His current research interests lie in improving the robustness and safety of AI systems at multiple levels, including but not limited to: (1) safety alignment for multimodal large language models; (2) robust fine-tuning for pre-trained vision-language models; (3) robust training for vision models.