Understanding Foundations of Robust Learning

Abstract

The growing use of machine learning in highly-sensitive applications raises concerns about the human trust in learning systems. In order to establish such a trust, predictions made by learning models should be robust: if inputs to the system change insignificantly, the output predictions should have moderate changes as well. Humans are extremely successful at reliable decision making despite the variations perceived by our sensory systems. Existing learning models, however, are poor at generalizing to input variations, a key limitation that prohibits their reliable deployment in safety-critical applications.

A key challenge in understanding foundations of robust learning is the existence of various and potentially unexpected forms of input distributional shifts. One form of distributional shifts is because of natural variations in the environment where the learning system has been deployed. For instance, the perception system of a self-driving car performs poorly when it encounters variations in weather conditions, lighting, etc. Another family of input distributional shifts is because of adversarial attacks which are carefully-crafted small perturbations to the inputs of learning systems designed to mislead them. These perturbations can even be imperceptible which do not change the input in a semantically meaningful way, thus presenting serious security challenges for real-world systems.

The research objective of this proposal is to develop a comprehensive and fundamental understanding of robust learning including its intertwined statistical and computational aspects, against both natural and adversarial distributional shifts. Existing robust learning approaches have several critical limitations causing them to be less successful in practice. Most prior works lack robustness guarantees even against a fixed and known input variation model, thus potentially creating a false sense of robustness in learning. Moreover, almost all existing methods do not provide robustness to unforeseen and unexpected input variations. Furthermore, current methods do not efficiently transfer robustness across different model architectures hindering their deployments in real-world applications. Finally, current techniques focus mainly on the static tasks (e.g. classification) and their applications in adaptive learning tasks such as deep reinforcement learning are relatively unexplored.

In this proposal, we aim to tackle these issues and develop practically useful methods with theoretical guarantees. Towards this goal, we propose efforts to (i) develop provable and generalizable robust learning methods against adversarial attacks, (ii) develop a unifying framework for robustness against natural input corruptions, (iii) investigate transferability of robustness across different models and (iv) study provable robustness in adaptive learning tasks such as deep reinforcement learning. Our proposed efforts will shed light on some fundamental issues of robust learning and will lead to reliable and practical methods with provable performance guarantees.

Approved for Public Release

Document Details

Document Type
DoD Grant Award
Publication Date
Aug 20, 2021
Source ID
N000142112810

Entities

People

  • Soheil Feizi

Organizations

  • Office of Naval Research
  • United States Navy
  • University of Maryland

Tags

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Neural Network Machine Learning.
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • AI & ML - Machine Learning Algorithms
  • AI & ML - Neural Networks