Conference Paper: On the Generalization Analysis of Adversarial Learning

Title: On the Generalization Analysis of Adversarial Learning
Authors: Mustafa, Waleed; Lei, Yunwen; Kloft, Marius
Issue Date: 2022
Citation: Proceedings of Machine Learning Research, 2022, v. 162, p. 16174-16196
Abstract: Many recent studies have highlighted the susceptibility of virtually all machine-learning models to adversarial attacks. Adversarial attacks are imperceptible changes to an input example of a given prediction model. Such changes are carefully designed to alter the otherwise correct prediction of the model. In this paper, we study the generalization properties of adversarial learning. In particular, we derive high-probability generalization bounds on the adversarial risk in terms of the empirical adversarial risk, the complexity of the function class, and the adversarial noise set. Our bounds are generally applicable to many models, losses, and adversaries. We showcase its applicability by deriving adversarial generalization bounds for the multi-class classification setting and various prediction models (including linear models and Deep Neural Networks). We also derive optimistic adversarial generalization bounds for the case of smooth losses. These are the first fast-rate bounds valid for adversarial deep learning to the best of our knowledge.
Persistent Identifier: http://hdl.handle.net/10722/329982

 

| DC Field | Value | Language |
| --- | --- | --- |
| dc.contributor.author | Mustafa, Waleed | - |
| dc.contributor.author | Lei, Yunwen | - |
| dc.contributor.author | Kloft, Marius | - |
| dc.date.accessioned | 2023-08-09T03:36:58Z | - |
| dc.date.available | 2023-08-09T03:36:58Z | - |
| dc.date.issued | 2022 | - |
| dc.identifier.citation | Proceedings of Machine Learning Research, 2022, v. 162, p. 16174-16196 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/329982 | - |
| dc.description.abstract | Many recent studies have highlighted the susceptibility of virtually all machine-learning models to adversarial attacks. Adversarial attacks are imperceptible changes to an input example of a given prediction model. Such changes are carefully designed to alter the otherwise correct prediction of the model. In this paper, we study the generalization properties of adversarial learning. In particular, we derive high-probability generalization bounds on the adversarial risk in terms of the empirical adversarial risk, the complexity of the function class, and the adversarial noise set. Our bounds are generally applicable to many models, losses, and adversaries. We showcase its applicability by deriving adversarial generalization bounds for the multi-class classification setting and various prediction models (including linear models and Deep Neural Networks). We also derive optimistic adversarial generalization bounds for the case of smooth losses. These are the first fast-rate bounds valid for adversarial deep learning to the best of our knowledge. | - |
| dc.language | eng | - |
| dc.relation.ispartof | Proceedings of Machine Learning Research | - |
| dc.title | On the Generalization Analysis of Adversarial Learning | - |
| dc.type | Conference_Paper | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.scopus | eid_2-s2.0-85163063850 | - |
| dc.identifier.volume | 162 | - |
| dc.identifier.spage | 16174 | - |
| dc.identifier.epage | 16196 | - |
| dc.identifier.eissn | 2640-3498 | - |
