Black-box Certification and Learning under Adversarial Perturbations
Authors: Hassan Ashtiani, Vinayak Pathak, Ruth Urner
ICML 2020
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Theoretical | We formally study the problem of classification under adversarial perturbations from a learner's perspective as well as a third-party who aims at certifying the robustness of a given black-box classifier. We analyze a PAC-type framework of semi-supervised learning and identify possibility and impossibility results for proper learning of VC-classes in this setting. We further introduce a new setting of black-box certification under limited query budget, and analyze this for various classes of predictors and perturbation. |
| Researcher Affiliation | Collaboration | (1) Department of Computing and Software, McMaster University, Hamilton, ON, Canada; (2) Scotiabank, Toronto, ON, Canada; (3) Lassonde School of Engineering, EECS Department, York University, Toronto, ON, Canada. |
| Pseudocode | No | The paper contains formal definitions, theorems, and proof sketches, but no sections or figures labeled 'Pseudocode' or 'Algorithm', nor any structured, code-like steps for a procedure. |
| Open Source Code | No | The paper does not provide any statement about making its source code publicly available, nor does it include links to a code repository. |
| Open Datasets | No | This is a theoretical paper and does not describe the use of any datasets for training or experimentation. |
| Dataset Splits | No | This paper is theoretical and does not describe experimental validation using dataset splits. |
| Hardware Specification | No | The paper focuses on theoretical analysis and does not describe any experimental setup involving specific hardware specifications. |
| Software Dependencies | No | The paper focuses on theoretical analysis and does not describe any specific software dependencies or versions used for implementation or experimentation. |
| Experiment Setup | No | The paper focuses on theoretical analysis and does not describe any experimental setup with specific hyperparameters, training configurations, or system-level settings. |