{"slug": "can-go-ais-be-adversarially-robust", "title": "Can Go AIs be adversarially robust?", "summary": "Researchers found that superhuman Go AIs remain vulnerable to adversarial attacks despite implementing multiple defensive countermeasures, including adversarial training and architectural changes. None of the tested defenses withstood freshly trained adversaries, with most successful attacks falling into the same class of \"cyclic\" strategies previously documented. The findings demonstrate that achieving robust AI systems remains challenging even in highly favorable, narrow domains with superhuman performance.", "body_md": "# Computer Science > Machine Learning\n\n[Submitted on 18 Jun 2024 (\n\n[v1](https://arxiv.org/abs/2406.12843v1)), last revised 14 Jan 2025 (this version, v3)]# Title:Can Go AIs be adversarially robust?\n\n[View PDF](/pdf/2406.12843)\n\nAbstract:Prior work found that superhuman Go AIs can be defeated by simple adversarial strategies, especially \"cyclic\" attacks. In this paper, we study whether adding natural countermeasures can achieve robustness in Go, a favorable domain for robustness since it benefits from incredible average-case capability and a narrow, innately adversarial setting. We test three defenses: adversarial training on hand-constructed positions, iterated adversarial training, and changing the network architecture. We find that though some of these defenses protect against previously discovered attacks, none withstand freshly trained adversaries. Furthermore, most of the reliably effective attacks these adversaries discover are different realizations of the same overall class of cyclic attacks. Our results suggest that building robust AI systems is challenging even with extremely superhuman systems in some of the most tractable settings, and highlight two key gaps: efficient generalization of defenses, and diversity in training. For interactive examples of attacks and a link to our codebase, see[this https URL].\n\n## Submission history\n\nFrom: Tom Tseng [[view email](/show-email/9d747df0/2406.12843)]\n\n**Tue, 18 Jun 2024 17:57:49 UTC (3,528 KB)**\n\n[[v1]](/abs/2406.12843v1)**Tue, 24 Sep 2024 08:38:38 UTC (3,596 KB)**\n\n[[v2]](/abs/2406.12843v2)**[v3]** Tue, 14 Jan 2025 03:08:02 UTC (2,089 KB)\n\n### Current browse context:\n\ncs.LG\n\n### References & Citations\n\nLoading...\n\n# Bibliographic and Citation Tools\n\nBibliographic Explorer\n\n*(*[What is the Explorer?](https://info.arxiv.org/labs/showcase.html#arxiv-bibliographic-explorer))\nConnected Papers\n\n*(*[What is Connected Papers?](https://www.connectedpapers.com/about))\nLitmaps\n\n*(*[What is Litmaps?](https://www.litmaps.co/))\nscite Smart Citations\n\n*(*[What are Smart Citations?](https://www.scite.ai/))# Code, Data and Media Associated with this Article\n\nalphaXiv\n\n*(*[What is alphaXiv?](https://alphaxiv.org/))\nCatalyzeX Code Finder for Papers\n\n*(*[What is CatalyzeX?](https://www.catalyzex.com))\nDagsHub\n\n*(*[What is DagsHub?](https://dagshub.com/))\nGotit.pub\n\n*(*[What is GotitPub?](http://gotit.pub/faq))\nHugging Face\n\n*(*[What is Huggingface?](https://huggingface.co/huggingface))\nScienceCast\n\n*(*[What is ScienceCast?](https://sciencecast.org/welcome))# Demos\n\n# Recommenders and Search Tools\n\nInfluence Flower\n\n*(*[What are Influence Flowers?](https://influencemap.cmlab.dev/))\nCORE Recommender\n\n*(*[What is CORE?](https://core.ac.uk/services/recommender))\nIArxiv Recommender\n\n*(*[What is IArxiv?](https://iarxiv.org/about))# arXivLabs: experimental projects with community collaborators\n\narXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.\n\nBoth individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.\n\nHave an idea for a project that will add value for arXiv's community? [ Learn more about arXivLabs](https://info.arxiv.org/labs/index.html).", "url": "https://wpnews.pro/news/can-go-ais-be-adversarially-robust", "canonical_source": "https://arxiv.org/abs/2406.12843", "published_at": "2026-05-28 22:50:33+00:00", "updated_at": "2026-05-28 22:59:39.068576+00:00", "lang": "en", "topics": ["artificial-intelligence", "machine-learning", "neural-networks", "ai-safety", "ai-research"], "entities": ["Tom Tseng"], "alternates": {"html": "https://wpnews.pro/news/can-go-ais-be-adversarially-robust", "markdown": "https://wpnews.pro/news/can-go-ais-be-adversarially-robust.md", "text": "https://wpnews.pro/news/can-go-ais-be-adversarially-robust.txt", "jsonld": "https://wpnews.pro/news/can-go-ais-be-adversarially-robust.jsonld"}}