Abstract: Deep learning models are widely deployed in safety-critical domains, but remain vulnerable to adversarial attacks. In this paper, we study the adversarial robustness of NTK neural networks in the context of nonparametric regression. We establish minimax optimal rates for adversarial regression in Sobolev spaces and then show that NTK neural networks, trained via gradient flow with early stopping, can achieve this optimal rate. However, in the overfitting regime, we prove that the minimum norm interpolant is vulnerable to adversarial perturbations.
| Subjects: | Machine Learning (stat.ML); Machine Learning (cs.LG) |
| Cite as: | arXiv:2604.25965 [stat.ML] (or arXiv:2604.25965v1 [stat.ML] for this version) |
| DOI: | https://doi.org/10.48550/arXiv.2604.25965 (arXiv-issued DOI via DataCite) |
Submission history
From: Yuxuan Hou
[v1] Tue, 28 Apr 2026 04:49:31 UTC (279 KB)
