[2506.05402] Lorica: A Synergistic Fine-Tuning Framework for Advancing Personalized Adversarial Robustness
Summary
The paper presents Lorica, a novel framework aimed at enhancing personalized adversarial robustness in machine learning models, particularly for edge computing environments. It introduces a two-phase training process that improves model performance while reducing communication...
Why It Matters
As machine learning models are increasingly deployed on mobile devices, ensuring their robustness against adversarial attacks is crucial for security and user trust. Lorica addresses the limitations of existing federated adversarial training methods by offering personalized solutions that enhance both model accuracy and communication efficiency, making it highly relevant for developers and researchers in AI safety and security.
Key Takeaways
- Lorica employs a two-phase training process for personalized adversarial robustness.
- It significantly reduces communication overhead by only uploading essential parameters.
- The framework achieves notable improvements in both adversarial robustness and benign accuracy.
- Extensive experiments validate Lorica's effectiveness against state-of-the-art algorithms.
- This approach is particularly beneficial for edge computing applications.
Computer Science > Cryptography and Security
arXiv:2506.05402 (cs)
[Submitted on 4 Jun 2025 (v1), last revised 15 Feb 2026 (this version, v3)]
Title: Lorica: A Synergistic Fine-Tuning Framework for Advancing Personalized Adversarial Robustness
Authors: Tianyu Qi, Lei Xue, Yufeng Zhan, Xiaobo Ma
Abstract: The growing use of large pre-trained models in edge computing has made model inference on mobile clients both feasible and popular. Yet these devices remain vulnerable to adversarial attacks, threatening model robustness and security. Federated adversarial training (FAT) offers a promising solution by enhancing robustness while preserving client privacy. However, FAT often yields a generalized global model that struggles with heterogeneous client data, leading to limited personalization and significant communication overhead. In this paper, we propose Lorica, a personalized synergistic adversarial training framework that delivers customized defense models through a two-phase process. In Phase 1, Lorica applies LoRA-FA for local adversarial fine-tuning, enabling personalized robustness while reducing communication by uploading only LoRA-FA parameters. In Phase 2, a forward-gating selection strategy improves benign accuracy, further refining the personal...
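To make Phase 1 concrete, here is an added toy example (not the paper's code) of a single linear layer with a LoRA-FA adapter: the base weight W and the down-projection A stay frozen, only B is trained with a one-step FGSM adversarial objective, and only B is placed in the upload payload. The layer sizes, the squared-error loss and the FGSM step are assumptions chosen for illustration.

```python
import numpy as np


class LoRAFALinear:
    """Frozen W plus low-rank update B @ A; A frozen after init, B trainable."""

    def __init__(self, in_dim, out_dim, rank, seed=0):
        rng = np.random.default_rng(seed)
        self.W = rng.standard_normal((out_dim, in_dim)) / np.sqrt(in_dim)  # frozen base
        self.A = rng.standard_normal((rank, in_dim)) / np.sqrt(in_dim)     # frozen (FA)
        self.B = np.zeros((out_dim, rank))                                  # trainable

    def forward(self, x):
        return x @ self.W.T + (x @ self.A.T) @ self.B.T

    def grad_B(self, x, residual):
        # dL/dB for squared-error loss: residual^T @ (x A^T)
        return residual.T @ (x @ self.A.T)

    def upload_payload(self):
        # Only the LoRA-FA parameters leave the client, never W or A
        return {"B": self.B.copy()}


def sq_loss(pred, y):
    return 0.5 * float(np.sum((pred - y) ** 2))


def fgsm(layer, x, y, eps):
    # Worst-case L_inf perturbation of the input for the current effective weight
    residual = layer.forward(x) - y
    w_eff = layer.W + layer.B @ layer.A
    return x + eps * np.sign(residual @ w_eff)


def adversarial_step(layer, x, y, eps, lr):
    # Local adversarial fine-tuning: craft x_adv, then update B only
    x_adv = fgsm(layer, x, y, eps)
    residual = layer.forward(x_adv) - y
    layer.B -= lr * layer.grad_B(x_adv, residual)
    return x_adv


def demo(in_dim=64, out_dim=32, rank=4, eps=0.1, lr=0.01):
    layer = LoRAFALinear(in_dim, out_dim, rank)
    rng = np.random.default_rng(1)               # constructed sample batch
    x, y = rng.standard_normal((8, in_dim)), rng.standard_normal((8, out_dim))
    a_before = layer.A.copy()
    loss_clean = sq_loss(layer.forward(x), y)
    loss_adv = sq_loss(layer.forward(fgsm(layer, x, y, eps)), y)
    adversarial_step(layer, x, y, eps, lr)
    payload = layer.upload_payload()
    return {"adv_loss_higher": loss_adv >= loss_clean,
            "a_frozen": bool(np.array_equal(layer.A, a_before)),
            "b_updated": bool(np.any(layer.B != 0)),
            "upload_ratio": payload["B"].size / layer.W.size}
```

For a full-model upload the client would send all 2048 entries of W; with LoRA-FA it sends the 128 entries of B, a 1/16 ratio in this toy configuration.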