Search Menu
DOE PAGES title logo U.S. Department of Energy
Office of Scientific and Technical Information
Search Scholarly Publications

Title: Adversarial classification via distributional robustness with Wasserstein ambiguity

Journal Article · · Mathematical Programming
ORCiD logo;

Abstract We study a model for adversarial classification based on distributionally robust chance constraints. We show that under Wasserstein ambiguity, the model aims to minimize the conditional value-at-risk of the distance to misclassification, and we explore links to adversarial classification models proposed earlier and to maximum-margin classifiers. We also provide a reformulation of the distributionally robust model for linear classification, and show it is equivalent to minimizing a regularized ramp loss objective. Numerical experiments show that, despite the nonconvexity of this formulation, standard descent methods appear to converge to the global minimizer for this problem. Inspired by this observation, we show that, for a certain class of distributions, the only stationary point of the regularized ramp loss minimization problem is the global minimizer.

Sponsoring Organization:
USDOE
OSTI ID:
1861139
Journal Information:
Mathematical Programming, Journal Name: Mathematical Programming Journal Issue: 2 Vol. 198; ISSN 0025-5610
Publisher:
Springer Science + Business MediaCopyright Statement
Country of Publication:
Netherlands
Language:
English

References (27)

On the limited memory BFGS method for large scale optimization journal August 1989
Data-driven distributionally robust optimization using the Wasserstein metric: performance guarantees and tractable reformulations journal July 2017
On distributionally robust chance constrained programs with Wasserstein distance journal November 2019
On handling indicator constraints in mixed integer programming journal May 2016
Analysis of classifiers’ robustness to adversarial perturbations journal August 2017
Characterization of the equivalence of robustification and regularization in linear and matrix regression journal November 2018
Cutting-set methods for robust convex optimization with pessimizing oracles journal June 2009
Robust linear programming discrimination of two linearly inseparable sets journal January 1992
Exact and inexact subsampled Newton methods for optimization journal April 2018
DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks conference June 2016
Robustness via Curvature Regularization, and Vice Versa conference June 2019
Towards Evaluating the Robustness of Neural Networks conference May 2017
Adversarial Risk via Optimal Transport and Optimal Couplings journal September 2021
Nonconvex Optimization Meets Low-Rank Matrix Factorization: An Overview journal October 2019
An Old-New Concept of Convex risk Measures: the Optimized Certainty Equivalent journal July 2007
Optimization and Nonsmooth Analysis book January 1990
Smoothing and First Order Methods: A Unified Framework journal January 2012
Trading convexity for scalability conference January 2006
Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods
  • Carlini, Nicholas; Wagner, David
  • CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security, Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security https://doi.org/10.1145/3128572.3140444
conference November 2017
On ψ-Learning journal September 2003
Robust Truncated Hinge Loss Support Vector Machines journal September 2007
Robust Classification journal January 2019
Quantifying Distributional Model Risk via Optimal Transport journal May 2019
Support Vector Machines with the Ramp Loss and the Hard Margin Loss journal April 2011
Linear and Nonlinear Separation of Patterns by Linear Programming journal June 1965
Oracle-Based Robust Optimization via Online Learning journal June 2015
Online First-Order Framework for Robust Convex Optimization journal November 2018

Similar Records

Related Subjects