%0 Generic %1 fetaya2019conditional %A Fetaya, Ethan %A Jacobsen, Jörn-Henrik %A Zemel, Richard %D 2019 %K afcs conditional cvae generative model modeling robust vae %T Conditional Generative Models are not Robust %U http://arxiv.org/abs/1906.01171 %X Class-conditional generative models are an increasingly popular approach to achieve robust classification. They are a natural choice to solve discriminative tasks in a robust manner as they jointly optimize for predictive performance and accurate modeling of the input distribution. In this work, we investigate robust classification with likelihood-based conditional generative models from a theoretical and practical perspective. Our theoretical result reveals that it is impossible to guarantee detectability of adversarial examples even for near-optimal generative classifiers. Experimentally, we show that naively trained conditional generative models have poor discriminative performance, making them unsuitable for classification. This is related to overlooked issues with training conditional generative models and we show methods to improve performance. Finally, we analyze the robustness of our proposed conditional generative models on MNIST and CIFAR10. While we are able to train robust models for MNIST, robustness completely breaks down on CIFAR10. This lack of robustness is related to various undesirable model properties maximum likelihood fails to penalize. Our results indicate that likelihood may fundamentally be at odds with robust classification on challenging problems.

@misc{fetaya2019conditional, abstract = {Class-conditional generative models are an increasingly popular approach to achieve robust classification. They are a natural choice to solve discriminative tasks in a robust manner as they jointly optimize for predictive performance and accurate modeling of the input distribution. In this work, we investigate robust classification with likelihood-based conditional generative models from a theoretical and practical perspective. Our theoretical result reveals that it is impossible to guarantee detectability of adversarial examples even for near-optimal generative classifiers. Experimentally, we show that naively trained conditional generative models have poor discriminative performance, making them unsuitable for classification. This is related to overlooked issues with training conditional generative models and we show methods to improve performance. Finally, we analyze the robustness of our proposed conditional generative models on MNIST and CIFAR10. While we are able to train robust models for MNIST, robustness completely breaks down on CIFAR10. This lack of robustness is related to various undesirable model properties maximum likelihood fails to penalize. Our results indicate that likelihood may fundamentally be at odds with robust classification on challenging problems.}, added-at = {2019-06-18T23:47:10.000+0200}, author = {Fetaya, Ethan and Jacobsen, Jörn-Henrik and Zemel, Richard}, biburl = {https://www.bibsonomy.org/bibtex/2d67e08bf5214ff4d424d826f206013d4/becker}, description = {Conditional Generative Models are not Robust}, interhash = {f063736d272684561603e42ad974c0c5}, intrahash = {d67e08bf5214ff4d424d826f206013d4}, keywords = {afcs conditional cvae generative model modeling robust vae}, note = {cite arxiv:1906.01171}, timestamp = {2019-06-18T23:47:10.000+0200}, title = {Conditional Generative Models are not Robust}, url = {http://arxiv.org/abs/1906.01171}, year = 2019 }