We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

stat.ML
< prev | next >
new | recent | 2006

Change to browse by:

cs
cs.LG
stat

References & Citations

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo

Statistics > Machine Learning

Title: Black-box Certification and Learning under Adversarial Perturbations

Authors: Hassan Ashtiani, Vinayak Pathak, Ruth Urner
(Submitted on 30 Jun 2020 (this version), latest version 22 Feb 2022 (v2))
Abstract: We formally study the problem of classification under adversarial perturbations, both from the learner's perspective, and from the viewpoint of a third-party who aims at certifying the robustness of a given black-box classifier. We analyze a PAC-type framework of semi-supervised learning and identify possibility and impossibility results for proper learning of VC-classes in this setting. We further introduce and study a new setting of black-box certification under limited query budget. We analyze this for various classes of predictors and types of perturbation. We also consider the viewpoint of a black-box adversary that aims at finding adversarial examples, showing that the existence of an adversary with polynomial query complexity implies the existence of a robust learner with small sample complexity.
Subjects: Machine Learning (stat.ML); Machine Learning (cs.LG)
Cite as: arXiv:2006.16520 [stat.ML]
  (or arXiv:2006.16520v1 [stat.ML] for this version)

Submission history

From: Vinayak Pathak [view email]
[v1] Tue, 30 Jun 2020 04:12:59 GMT (60kb)
[v2] Tue, 22 Feb 2022 15:38:06 GMT (57kb)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.