In this paper, we present the first detailed analysis of how training hyperparameters -- such as learning rate, weight decay, momentum, and batch size -- influence robustness against both transfer-based and query-based attacks. Supported by theory and experiments, our study spans a variety of practical deployment settings, including centralized training, ensemble learning, and distributed training. We uncover a striking dichotomy: for transfer-based attacks, decreasing the learning rate significantly enhances robustness by up to $64\%$. In contrast, for query-based attacks, increasing the learning rate consistently leads to improved robustness by up to $28\%$ across various settings and data distributions. Leveraging these findings, we explore -- for the first time -- the training hyperparameter space to jointly enhance robustness against both transfer-based and query-based attacks. Our results reveal that distributed models benefit the most from hyperparameter tuning, achieving a remarkable tradeoff by simultaneously mitigating both attack types more effectively than other training setups.