JSAI2025

Presentation information

Poster Session

Poster session » Poster Session

[3Win5] Poster session 3

Thu. May 29, 2025 3:30 PM - 5:30 PM Room W (Event hall D-E)

[3Win5-18] Suppressing Robust Overfitting in Positive-Unlabeled Learning

〇Ryo Shibazaki1, Hiroshi Kera1, Kazuhko Kawamoto1 (1.Chiba university)

Keywords:Adversarial training, Positive-Unlabeled learning, Robustness

Deep learning–based classification models are known to be vulnerable to adversarial attacks, wherein the addition of imperceptible perturbations to an original sample can lead to misclassification. In this study, we address the problem of constructing a robust classifier under the Positive-Unlabeled (PU) learning setting for binary classification. A straightforward approach in PU learning is to treat all unlabeled data (U) as pseudo-negative examples and minimize the classification risk. However, when this PU learning strategy is combined with conventional adversarial defense methods, the model can overfit to adversarial robustness, thereby substantially degrading its accuracy on unperturbed images (i.e., standard accuracy). To mitigate this issue, we propose a novel method that applies a defense mechanism capable of controlling the trade-off between robustness and standard accuracy within the PU learning framework. Experiments on a benchmark dataset demonstrate that the proposed method can maintain standard accuracy while simultaneously achieving improved robustness.

Authentication for paper PDF access
A password is required to view paper PDFs. If you are a registered participant, please log on the site from Participant Log In.
You could view the PDF with entering the PDF viewing password bellow.

Password