Understanding Intrinsic Robustness Using Label Uncertainty
Abstract
A fundamental question in adversarial machine learning is whether a robust classifier exists for a given task. A line of research has made some progress towards this goal by studying the concentration of measure, but we argue standard concentration fails to fully characterize the intrinsic robustness of a classification problem since it ignores data labels which are essential to any classification task. Building on a novel definition of label uncertainty, we empirically demonstrate that error regions induced by state-of-the-art models tend to have much higher label uncertainty than randomly-selected subsets. This observation motivates us to adapt a concentration estimation algorithm to account for label uncertainty, resulting in more accurate intrinsic robustness measures for benchmark image classification problems.
Cite
Text
Zhang and Evans. "Understanding Intrinsic Robustness Using Label Uncertainty." International Conference on Learning Representations, 2022.Markdown
[Zhang and Evans. "Understanding Intrinsic Robustness Using Label Uncertainty." International Conference on Learning Representations, 2022.](https://mlanthology.org/iclr/2022/zhang2022iclr-understanding/)BibTeX
@inproceedings{zhang2022iclr-understanding,
title = {{Understanding Intrinsic Robustness Using Label Uncertainty}},
author = {Zhang, Xiao and Evans, David},
booktitle = {International Conference on Learning Representations},
year = {2022},
url = {https://mlanthology.org/iclr/2022/zhang2022iclr-understanding/}
}