利用白盒对抗性攻击增强高能物理的泛化

IF 5.3 2区物理与天体物理 Q1 Physics and Astronomy

Physical Review D Pub Date : 2025-07-07 DOI:10.1103/physrevd.112.016004

Franck Rothen, Samuel Klein, Matthew Leigh, Tobias Golling

{"title":"利用白盒对抗性攻击增强高能物理的泛化","authors":"Franck Rothen, Samuel Klein, Matthew Leigh, Tobias Golling","doi":"10.1103/physrevd.112.016004","DOIUrl":null,"url":null,"abstract":"Machine learning is becoming increasingly popular in the context of particle physics. Supervised learning, which uses labeled Monte Carlo (MC) simulations, remains one of the most widely used methods for discriminating signals beyond the Standard Model. However, this paper suggests that supervised models may depend excessively on artifacts and approximations from Monte Carlo simulations, potentially limiting their ability to generalize well to real data. This study aims to enhance the generalization properties of supervised models by reducing the sharpness of local minima. It reviews the application of four distinct white-box adversarial attacks in the context of classifying Higgs boson decay signals. The attacks are divided into weight-space attacks and feature-space attacks. To study and quantify the sharpness of different local minima, this paper presents two analysis methods: gradient ascent and reduced Hessian eigenvalue analysis. The results show that white-box adversarial attacks significantly improve generalization performance, albeit with increased computational complexity. Published by the American Physical Society 2025 ","PeriodicalId":20167,"journal":{"name":"Physical Review D","volume":"151 1","pages":""},"PeriodicalIF":5.3000,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Enhancing generalization in high-energy physics using white-box adversarial attacks\",\"authors\":\"Franck Rothen, Samuel Klein, Matthew Leigh, Tobias Golling\",\"doi\":\"10.1103/physrevd.112.016004\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Machine learning is becoming increasingly popular in the context of particle physics. Supervised learning, which uses labeled Monte Carlo (MC) simulations, remains one of the most widely used methods for discriminating signals beyond the Standard Model. However, this paper suggests that supervised models may depend excessively on artifacts and approximations from Monte Carlo simulations, potentially limiting their ability to generalize well to real data. This study aims to enhance the generalization properties of supervised models by reducing the sharpness of local minima. It reviews the application of four distinct white-box adversarial attacks in the context of classifying Higgs boson decay signals. The attacks are divided into weight-space attacks and feature-space attacks. To study and quantify the sharpness of different local minima, this paper presents two analysis methods: gradient ascent and reduced Hessian eigenvalue analysis. The results show that white-box adversarial attacks significantly improve generalization performance, albeit with increased computational complexity. Published by the American Physical Society 2025 \",\"PeriodicalId\":20167,\"journal\":{\"name\":\"Physical Review D\",\"volume\":\"151 1\",\"pages\":\"\"},\"PeriodicalIF\":5.3000,\"publicationDate\":\"2025-07-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Physical Review D\",\"FirstCategoryId\":\"101\",\"ListUrlMain\":\"https://doi.org/10.1103/physrevd.112.016004\",\"RegionNum\":2,\"RegionCategory\":\"物理与天体物理\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"Physics and Astronomy\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Physical Review D","FirstCategoryId":"101","ListUrlMain":"https://doi.org/10.1103/physrevd.112.016004","RegionNum":2,"RegionCategory":"物理与天体物理","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Physics and Astronomy","Score":null,"Total":0}

引用次数: 0

摘要

机器学习在粒子物理学的背景下变得越来越流行。监督学习，使用标记蒙特卡罗（MC）模拟，仍然是最广泛使用的方法之一，用于区分超出标准模型的信号。然而，本文认为，监督模型可能过度依赖于蒙特卡罗模拟的人工制品和近似值，这可能会限制它们很好地推广到真实数据的能力。本研究旨在通过降低局部极小值的锐度来提高监督模型的泛化性能。它回顾了四种不同的白盒对抗性攻击在希格斯玻色子衰变信号分类中的应用。攻击分为权重空间攻击和特征空间攻击。为了研究和量化不同局部极小值的清晰度，本文提出了梯度上升和约简Hessian特征值分析两种分析方法。结果表明，白盒对抗攻击显著提高了泛化性能，尽管增加了计算复杂度。2025年由美国物理学会出版

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Enhancing generalization in high-energy physics using white-box adversarial attacks

Machine learning is becoming increasingly popular in the context of particle physics. Supervised learning, which uses labeled Monte Carlo (MC) simulations, remains one of the most widely used methods for discriminating signals beyond the Standard Model. However, this paper suggests that supervised models may depend excessively on artifacts and approximations from Monte Carlo simulations, potentially limiting their ability to generalize well to real data. This study aims to enhance the generalization properties of supervised models by reducing the sharpness of local minima. It reviews the application of four distinct white-box adversarial attacks in the context of classifying Higgs boson decay signals. The attacks are divided into weight-space attacks and feature-space attacks. To study and quantify the sharpness of different local minima, this paper presents two analysis methods: gradient ascent and reduced Hessian eigenvalue analysis. The results show that white-box adversarial attacks significantly improve generalization performance, albeit with increased computational complexity.

Published by the American Physical Society

2025

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Physical Review D 物理-天文与天体物理

CiteScore

9.20

自引率

36.00%

发文量

审稿时长

2 months

期刊介绍： Physical Review D (PRD) is a leading journal in elementary particle physics, field theory, gravitation, and cosmology and is one of the top-cited journals in high-energy physics. PRD covers experimental and theoretical results in all aspects of particle physics, field theory, gravitation and cosmology, including: Particle physics experiments, Electroweak interactions, Strong interactions, Lattice field theories, lattice QCD, Beyond the standard model physics, Phenomenological aspects of field theory, general methods, Gravity, cosmology, cosmic rays, Astrophysics and astroparticle physics, General relativity, Formal aspects of field theory, field theory in curved space, String theory, quantum gravity, gauge/gravity duality.