Deep learning models, even the-state-of-the-art ones, are highly vulnerable to adversarial examples. Adversarial training is one of the most efficient methods to improve the model's robustness. The key factor for the success of adversarial training is the capability to generate qualified and divergent adversarial examples which satisfy some objectives/goals (e.g., finding adversarial examples that maximize the model losses for simultaneously attacking multiple models). Therefore, multi-objective optimization (MOO) is a natural tool for adversarial example generation to achieve multiple objectives/goals simultaneously. However, we observe that a naive application of MOO tends to maximize all objectives/goals equally, without caring if an objective/goal has been achieved yet. This leads to useless effort to further improve the goal-achieved tasks, while putting less focus on the goal-unachieved tasks. In this paper, we propose \emph{Task Oriented MOO} to address this issue, in the context where we can explicitly define the goal achievement for a task. Our principle is to only maintain the goal-achieved tasks, while letting the optimizer spend more effort on improving the goal-unachieved tasks. We conduct comprehensive experiments for our Task Oriented MOO on various adversarial example generation schemes. The experimental results firmly demonstrate the merit of our proposed approach. Our code is available at \url{https://github.com/tuananhbui89/TAMOO}.

翻译：深度学习模型，即便是最先进的模型，也极易受到对抗性示例的威胁。对抗性训练是提升模型鲁棒性的最有效方法之一。其成功的关键在于能够生成既满足条件又具有多样性的对抗性示例，并实现特定目标（例如，找到能同时最大化多个模型损失的对抗性示例）。因此，多目标优化（MOO）作为同时实现多个目标的自然工具，适用于对抗性示例生成。然而，我们发现，简单应用MOO往往会不加区分地最大化所有目标，而不考虑某个目标是否已经达成。这导致无谓地继续改进已完成的目标任务，而忽视未完成的目标任务。本文提出面向任务的多目标优化（Task Oriented MOO）来解决这一问题，其背景是我们能明确定义任务的目标达成情况。我们的原则是仅维持已完成目标任务的状态，同时让优化器将更多精力集中在改进未完成的目标任务上。我们针对多种对抗性示例生成方案，对面向任务的多目标优化进行了全面实验。实验结果充分证明了我们提出方法的优越性。我们的代码可从 \url{https://github.com/tuananhbui89/TAMOO} 获取。