The Many Faces of Adversarial Risk

01/22/2022
by Muni Sreenivas Pydi, et al.

Adversarial risk quantifies the performance of classifiers on adversarially perturbed data. Numerous definitions of adversarial risk – not all mathematically rigorous and differing subtly in the details – have appeared in the literature. In this paper, we revisit these definitions, make them rigorous, and critically examine their similarities and differences. Our technical tools derive from optimal transport, robust statistics, functional analysis, and game theory. Our contributions include the following: generalizing Strassen's theorem to the unbalanced optimal transport setting with applications to adversarial classification with unequal priors; showing an equivalence between adversarial robustness and robust hypothesis testing with ∞-Wasserstein uncertainty sets; proving the existence of a pure Nash equilibrium in the two-player game between the adversary and the algorithm; and characterizing adversarial risk by the minimum Bayes error between a pair of distributions belonging to the ∞-Wasserstein uncertainty sets. Our results generalize and deepen recently discovered connections between optimal transport and adversarial robustness and reveal new connections to Choquet capacities and game theory.
