Adversarial classification via distributional robustness with Wasserstein ambiguity
Abstract
We study a model for adversarial classification based on distributionally robust chance constraints. We show that under Wasserstein ambiguity, the model aims to minimize the conditional value-at-risk of the distance to misclassification, and we explore links to adversarial classification models proposed earlier and to maximum-margin classifiers. We also provide a reformulation of the distributionally robust model for linear classification, and show it is equivalent to minimizing a regularized ramp loss objective. Numerical experiments show that, despite the nonconvexity of this formulation, standard descent methods appear to converge to the global minimizer for this problem. Inspired by this observation, we show that, for a certain class of distributions, the only stationary point of the regularized ramp loss minimization problem is the global minimizer.
Document Details
- Document Type
- Pub Defense Publication
- Publication Date
- Apr 05, 2022
- Source ID
- 10.1007/s10107-022-01796-6
Entities
People
- Nam Ho-Nguyen
- Stephen J. Wright
Organizations
- Argonne National Laboratory
- Defense Advanced Research Projects Agency
- National Science Foundation