We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs
< prev | next >
new | recent | 2006

Change to browse by:

cs.LG
stat
stat.ML

References & Citations

DBLP - CS Bibliography

listing | bibtex

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo

Statistics > Machine Learning

Title: Black-box Certification and Learning under Adversarial Perturbations

Authors: Hassan Ashtiani, Vinayak Pathak, Ruth Urner
(Submitted on 30 Jun 2020 (v1), last revised 22 Feb 2022 (this version, v2))
Abstract: We formally study the problem of classification under adversarial perturbations from a learner's perspective as well as a third-party who aims at certifying the robustness of a given black-box classifier. We analyze a PAC-type framework of semi-supervised learning and identify possibility and impossibility results for proper learning of VC-classes in this setting. We further introduce a new setting of black-box certification under limited query budget, and analyze this for various classes of predictors and perturbation. We also consider the viewpoint of a black-box adversary that aims at finding adversarial examples, showing that the existence of an adversary with polynomial query complexity can imply the existence of a sample efficient robust learner.
Subjects: Machine Learning (stat.ML); Machine Learning (cs.LG)
Cite as: arXiv:2006.16520 [stat.ML]
  (or arXiv:2006.16520v2 [stat.ML] for this version)

Submission history

From: Vinayak Pathak [view email]
[v1] Tue, 30 Jun 2020 04:12:59 GMT (60kb)
[v2] Tue, 22 Feb 2022 15:38:06 GMT (57kb)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.