Reducing Adversarially Robust Learning to Non-Robust PAC Learning

Omar Montasser; Steve Hanneke; Nati Srebro

2020 NIPS NeurIPS 2020

Reducing Adversarially Robust Learning to Non-Robust PAC Learning

Abstract

We study the problem of reducing adversarially robust learning to standard PAC learning, i.e. the complexity of learning adversarially robust predictors using access to only a black-box non-robust learner. We give a reduction that can robustly learn any hypothesis class C using any non-robust learner A for C. The number of calls to A depends logarithmically on the number of allowed adversarial perturbations per example, and we give a lower bound showing this is unavoidable.

🧭 Keyword Pioneer — hyperplane recovery

🐣 Hot Topic Early Bird — query complexity

🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Robotics, Security & Privacy, Speech & Audio

Authors

Omar Montasser , Steve Hanneke , Nati Srebro

Topics

Machine Learning > Core Methods > Classification Machine Learning > Optimization & Theory > Learning Theory Machine Learning > Learning Types > Robustness

Keywords

sparse recovery adversarial robustness pac learning query complexity robust learning hypothesis class linear classifier 1-bit compressed sensing black-box learner hyperplane recovery

Download PDF

Related papers

Higher-Order Spectral Clustering of Directed Graphs 2020

Self-Supervised MultiModal Versatile Networks 2020

Multi-Robot Collision Avoidance under Uncertainty with Probabilistic Safety Barrier Certificates 2020

Causal Intervention for Weakly-Supervised Semantic Segmentation 2020

Taming Discrete Integration via the Boon of Dimensionality 2020