Robustness is a fundamental property of machine learning classifiers required to achieve safety and reliability. In the field of adversarial robustness of image classifiers, robustness is commonly defined as the stability of a model to all input changes within a p-norm distance. However, in the field of random corruption robustness, variations observed in the real world are used, while p-norm corruptions are rarely considered. This study investigates the use of random p-norm corruptions to augment the training and test data of image classifiers. We evaluate the model robustness against imperceptible random p-norm corruptions and propose a novel robustness metric. We empirically investigate whether robustness transfers across different p-norms and derive conclusions on which p-norm corruptions a model should be trained and evaluated. We find that training data augmentation with a combination of p-norm corruptions significantly improves corruption robustness, even on top of state-of-the-art data augmentation schemes.
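As an added illustration (not code from the paper), one way to produce random p-norm corruptions for training or test augmentation is to sample a perturbation uniformly from an L_p ball of radius eps and add it to the image. Uniform-in-ball sampling, all function names, and the (p, eps) budgets below are assumptions made for this sketch; the abstract does not specify them.

```python
import math
import random

# Constructed (p, eps) budgets for illustration only; not values from the paper.
NORMS = [(1, 2.0), (2, 0.2), (math.inf, 0.01)]

def sample_lp_ball(dim, p, eps, rng):
    """Draw one point uniformly from the L_p ball of radius eps in R^dim."""
    if math.isinf(p):
        return [rng.uniform(-eps, eps) for _ in range(dim)]
    # Coordinates with density ~ exp(-|g|^p): |g|^p ~ Gamma(1/p, 1), random sign.
    g = [rng.choice((-1.0, 1.0)) * rng.gammavariate(1.0 / p, 1.0) ** (1.0 / p)
         for _ in range(dim)]
    # An extra Exp(1) term in the normaliser moves the point from the sphere
    # into the interior, which makes the result uniform over the whole ball.
    z = rng.expovariate(1.0)
    scale = eps / (sum(abs(v) ** p for v in g) + z) ** (1.0 / p)
    return [v * scale for v in g]

def lp_norm(vec, p):
    """L_p norm of a flat vector (p may be math.inf)."""
    if math.isinf(p):
        return max(abs(v) for v in vec)
    return sum(abs(v) ** p for v in vec) ** (1.0 / p)

def corrupt(image, p, eps, rng):
    """Add a random L_p-bounded perturbation, then clip pixels to [0, 1].

    Clipping only shrinks per-pixel changes, so the bound eps still holds.
    """
    delta = sample_lp_ball(len(image), p, eps, rng)
    return [min(1.0, max(0.0, x + d)) for x, d in zip(image, delta)]

def augment_batch(images, norms, rng):
    """Corrupt each image with a randomly chosen (p, eps) pair from norms."""
    return [corrupt(img, *rng.choice(norms), rng) for img in images]

if __name__ == "__main__":
    rng = random.Random(0)
    image = [i / 47 for i in range(48)]  # constructed 4x4x3 image, flattened
    for p, eps in NORMS:
        noisy = corrupt(image, p, eps, rng)
        dist = lp_norm([a - b for a, b in zip(noisy, image)], p)
        print(f"p={p}: eps={eps}, measured distance={dist:.4f}")
```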