Crossmark

Active machine learning approach to adversarial training improves trade-off between natural accuracy and adversarial robustness

Published Online: 2026-04-28

Authors

Mirsadeghi, Seyed Mohammad Hadi
Funding

Funding for this research was provided by:

European Union and Estonian Research Council (TEM-TA5)
License Information

Text and Data Mining valid from 2026-04-28

Accepted Manuscript valid from 2026-04-28
More Information

Article History

Received: 9 July 2025

Accepted: 21 April 2026

First Online: 28 April 2026

Declarations

:

: The authors declare no competing interests.

: We implement the active machine learning approach to adversarial training with multiple adversarial training methods such as Standard Adversarial Training (AT), Misclassification Aware adveRsarial Training (MART), and Theoretically Principled Trade-off between Accuracy and Robustness (TRADES). That said, the method is highly modular and integratable into other adversarial training methods. This design makes the method straightforward to extend to new settings where different operations may be desired.

: The active machine learning approach to adversarial training can be applied to a wide range of applications including financial, medical, computer and communications security, and legal applications. Our research could be used to improve the accuracyrobustness trade-off in these cases. The method is capable of improving both robustness and accuracy at the same time.

Document is current