On the Robustness of Support Vector Machines against Adversarial Examples


P. Langenberg, E. Balda, A. Behboodi, R. Mathar


In this paper, the robustness of Support Vector Machines (SVMs) against adversarial instances is considered in relation to the design parameters. After generating adversarial instances using convex programming, it is shown through extensive numerical analysis that the robustness is significantly affected by parameters that change the linearity of the models. Interestingly, robustness is only slightly sensitive to the parameter determining the margin between classes. It is shown that adversarial robustness not only depends on the geometric properties of the classifier but is also subject to the accuracy of the model. The results are discussed in light of the so-called linearity hypothesis regarding the adversarial robustness of machine learning algorithms.

