Black-Box Certification and Learning Under Adversarial Perturbations

Abstract

We formally study the problem of classification under adversarial perturbations from a learner’s perspective as well as that of a third party who aims at certifying the robustness of a given black-box classifier. We analyze a PAC-type framework of semi-supervised learning and identify possibility and impossibility results for proper learning of VC-classes in this setting. We further introduce a new setting of black-box certification under a limited query budget, and analyze this for various classes of predictors and perturbations. We also consider the viewpoint of a black-box adversary that aims at finding adversarial examples, showing that the existence of an adversary with polynomial query complexity can imply the existence of a sample-efficient robust learner.

Cite

Text

Ashtiani et al. "Black-Box Certification and Learning Under Adversarial Perturbations." International Conference on Machine Learning, 2020.

Markdown

[Ashtiani et al. "Black-Box Certification and Learning Under Adversarial Perturbations." International Conference on Machine Learning, 2020.](https://mlanthology.org/icml/2020/ashtiani2020icml-blackbox/)

BibTeX

@inproceedings{ashtiani2020icml-blackbox,
  title     = {{Black-Box Certification and Learning Under Adversarial Perturbations}},
  author    = {Ashtiani, Hassan and Pathak, Vinayak and Urner, Ruth},
  booktitle = {International Conference on Machine Learning},
  year      = {2020},
  pages     = {388-398},
  volume    = {119},
  url       = {https://mlanthology.org/icml/2020/ashtiani2020icml-blackbox/}
}