Understanding Foundations of Robust Learning

Abstract

The growing use of machine learning in highly-sensitive applications raises concerns about the human trust in learning systems. In order to establish such a trust, predictions made by learning models should be robust: if inputs to the system change insignificantly, the output predictions should have moderate changes as well. Humans are extremely successful at reliable decision making despite the variations perceived by our sensory systems. Existing learning models, however, are poor at generalizing to input variations, a key limitation that prohibits their reliable deployment in safety-critical applications. A key challenge in understanding foundations of robust learning is the existence of various and potentially unexpected forms of input distributional shifts. One form of distributional shifts is because of natural variations in the environment where the learning system has been deployed. For instance, the perception system of a self-driving car performs poorly when it encounters variations in weather conditions, lighting, etc. Another family of input distributional shifts is because of adversarial attacks which are carefully-crafted small perturbations to the inputs of learning systems designed to mislead them. These perturbations can even be imperceptible which do not change the input in a semantically meaningful way, thus presenting serious security challenges for real-world systems. The research objective of this proposal is to develop a comprehensive and fundamental understanding of robust learning including its intertwined statistical and computational aspects, against both natural and adversarial distributional shifts. Existing robust learning approaches have several critical limitations causing them to be less successful in practice. Most prior works lack robustness guarantees even against a fixed and known input variation model, thus potentially creating a false sense of robustness in learning. Moreover, almost all existing methods do not provide robustness to unforeseen and unexpected input variations. Furthermore, current methods do not efficiently transfer robustness across different model architectures hindering their deployments in real-world applications. Finally, current techniques focus mainly on the static tasks (e.g. classification) and their applications in adaptive learning tasks such as deep reinforcement learning are relatively unexplored. In this proposal, we aim to tackle these issues and develop practically useful methods with theoretical guarantees. Towards this goal, we propose efforts to (i) develop provable and generalizable robust learning methods against adversarial attacks, (ii) develop a unifying framework for robustness against natural input corruptions, (iii) investigate transferability of robustness across different models and (iv) study provable robustness in adaptive learning tasks such as deep reinforcement learning. Our proposed efforts will shed light on some fundamental issues of robust learning and will lead to reliable and practical methods with provable performance guarantees.

Approved for Public Release

Document Details

Document Type
DoD Grant Award
Publication Date
Apr 01, 2022
Source ID
N000142212271

Entities

People

  • Soheil Feizi

Organizations

  • Office of Naval Research
  • United States Navy
  • University of Maryland

Tags

Fields of Study

  • Computer science

Readers

  • Distributed Systems and Data Platform Development
  • Neural Network Machine Learning
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • AI & ML - Machine Learning Algorithms
  • AI & ML - Neural Networks