When Are Non-Parametric Methods Robust?

Abstract

A growing body of research has shown that many classifiers are susceptible to adversarial examples – small strategic modifications to test inputs that lead to misclassification. In this work, we study general non-parametric methods, with a view towards understanding when they are robust to these modifications. We establish general conditions under which non-parametric methods are r-consistent – in the sense that they converge to optimally robust and accurate classifiers in the large sample limit. Concretely, our results show that when data is well-separated, nearest neighbors and kernel classifiers are r-consistent, while histograms are not. For general data distributions, we prove that preprocessing by Adversarial Pruning (Yang et al., 2019) – that makes data well-separated – followed by nearest neighbors or kernel classifiers also leads to r-consistency.

Cite

Text

Bhattacharjee and Chaudhuri. "When Are Non-Parametric Methods Robust?." International Conference on Machine Learning, 2020.

Markdown

[Bhattacharjee and Chaudhuri. "When Are Non-Parametric Methods Robust?." International Conference on Machine Learning, 2020.](https://mlanthology.org/icml/2020/bhattacharjee2020icml-nonparametric/)

BibTeX

@inproceedings{bhattacharjee2020icml-nonparametric,
  title     = {{When Are Non-Parametric Methods Robust?}},
  author    = {Bhattacharjee, Robi and Chaudhuri, Kamalika},
  booktitle = {International Conference on Machine Learning},
  year      = {2020},
  pages     = {832-841},
  volume    = {119},
  url       = {https://mlanthology.org/icml/2020/bhattacharjee2020icml-nonparametric/}
}