Efficient Training of Robust Decision Trees Against Adversarial Examples
Authors: Daniël Vos, Sicco Verwer
ICML 2021
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Our results on both single trees and ensembles on 14 structured datasets as well as on MNIST and Fashion-MNIST demonstrate that GROOT runs several orders of magnitude faster than the state-of-the-art works and also shows better performance in terms of adversarial accuracy on structured data. |
| Researcher Affiliation | Academia | Cyber Security Group, Delft University of Technology, Delft, The Netherlands. Correspondence to: Daniël Vos <d.a.vos@tudelft.nl>. |
| Pseudocode | Yes | Algorithm 1: Find Best Robust Split on Numerical Feature; Algorithm 2: Fit Robust Tree on Numerical Data. (A rough sketch of the robust-split idea appears after this table.) |
| Open Source Code | Yes | We implement and publish GROOT's source code in a Scikit-learn (Pedregosa et al., 2011) compatible classifier. To foster further research we implemented GROOT according to the Scikit-learn API and published the code on GitHub: https://github.com/tudelft-cda-lab/GROOT (see the usage sketch after this table). |
| Open Datasets | Yes | We present results on 14 structured datasets as well as MNIST (LeCun et al., 2010) and Fashion-MNIST (Xiao et al., 2017). ... All datasets can be retrieved from OpenML (https://www.openml.org/); their specific versions, size and corresponding ϵ values can be found in Table 2. |
| Dataset Splits | Yes | We train each model on each dataset with 5-fold stratified cross-validation. The datasets were randomly split in a 70%-30% stratified train-test split and were evaluated against an L∞ radius of 0.4. (See the cross-validation sketch after this table.) |
| Hardware Specification | Yes | All experiments ran on a Linux machine with 16 Intel Xeon CPU cores and 72GB of RAM total. Each algorithm instance ran on a single core and therefore did not use any parallel optimizations. All models ran on a system with 8GB RAM and 4 Intel i7-4710MQ CPU cores (8 logical cores), the hyperparameters were the same as in the previous experiment. |
| Software Dependencies | No | The paper mentions 'Scikit-learn' and 'XGBoost' but does not specify their version numbers, nor does it list specific versions for other key software components. |
| Experiment Setup | Yes | The used hyperparameters are summarized in Table 5. All models required at least 10 samples to make a split and 5 samples to create a leaf. All ensembles were limited to training 100 trees. (These values are echoed in the usage sketch after this table.) |
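
The Pseudocode row names Algorithm 1 (Find Best Robust Split on Numerical Feature) without reproducing it. As a rough illustration of the underlying idea (samples within ϵ of a candidate threshold can be pushed to either side by the adversary, so each split is scored under the worst-case assignment), here is a minimal sketch in Python. The function names and the brute-force worst-case enumeration are our assumptions for clarity, not the paper's exact Algorithm 1, which computes the worst case far more efficiently.

```python
import numpy as np

def gini_impurity(n_pos, n_neg):
    """Binary Gini impurity of a node with the given class counts."""
    n = n_pos + n_neg
    if n == 0:
        return 0.0
    p = n_pos / n
    return 2.0 * p * (1.0 - p)

def adversarial_gini(left, right, movable):
    """Worst-case weighted Gini of a split. `left`/`right` are (pos, neg)
    counts of samples fixed on one side; `movable` are samples within
    epsilon of the threshold, which the adversary may push to either side.
    Brute-forces all count assignments; GROOT's Algorithm 1 evaluates the
    worst case far more efficiently."""
    m_pos, m_neg = movable
    worst = 0.0
    for pl in range(m_pos + 1):
        for nl in range(m_neg + 1):
            lp, ln = left[0] + pl, left[1] + nl
            rp, rn = right[0] + (m_pos - pl), right[1] + (m_neg - nl)
            total = lp + ln + rp + rn
            score = ((lp + ln) * gini_impurity(lp, ln)
                     + (rp + rn) * gini_impurity(rp, rn)) / total
            worst = max(worst, score)
    return worst

def best_robust_split(x, y, epsilon):
    """Return the threshold on one numerical feature whose worst-case
    (adversarial) Gini impurity is lowest. `y` is a 0/1 label array."""
    xs = np.sort(np.unique(x))
    best_t, best_score = None, np.inf
    for t in (xs[:-1] + xs[1:]) / 2.0:   # midpoints between feature values
        on_left = x <= t - epsilon        # cannot be pushed to the right
        on_right = x > t + epsilon        # cannot be pushed to the left
        mov = ~(on_left | on_right)       # adversary chooses their side
        score = adversarial_gini(
            (int(y[on_left].sum()), int((y[on_left] == 0).sum())),
            (int(y[on_right].sum()), int((y[on_right] == 0).sum())),
            (int(y[mov].sum()), int((y[mov] == 0).sum())),
        )
        if score < best_score:
            best_t, best_score = t, score
    return best_t, best_score
```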
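To tie the Open Source Code row to the hyperparameters in the Experiment Setup row (at least 10 samples to make a split, 5 to create a leaf), here is a hypothetical usage sketch. The import path, the class name GrootTreeClassifier, and the attack_model argument are assumptions about the repository's Scikit-learn-compatible API and should be checked against the published code.

```python
from sklearn.datasets import make_classification
from sklearn.model_selection import train_test_split

# Hypothetical import: the module path and class name are assumptions about
# https://github.com/tudelft-cda-lab/GROOT, not verified signatures.
from groot.model import GrootTreeClassifier

X, y = make_classification(n_samples=500, n_features=10, random_state=0)
X_train, X_test, y_train, y_test = train_test_split(
    X, y, test_size=0.3, stratify=y, random_state=0)

clf = GrootTreeClassifier(
    attack_model=[0.1] * X.shape[1],  # assumed: per-feature L-inf radius
    min_samples_split=10,             # paper: >= 10 samples to make a split
    min_samples_leaf=5,               # paper: >= 5 samples to create a leaf
)
clf.fit(X_train, y_train)             # standard Scikit-learn estimator API
print("test accuracy:", clf.score(X_test, y_test))
```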
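The evaluation protocol in the Dataset Splits row (5-fold stratified cross-validation plus a stratified 70%-30% train-test split) maps directly onto standard Scikit-learn utilities. A minimal sketch, using DecisionTreeClassifier as a stand-in estimator since the exact GROOT model object is not fixed here:

```python
from sklearn.datasets import make_classification
from sklearn.model_selection import StratifiedKFold, cross_val_score, train_test_split
from sklearn.tree import DecisionTreeClassifier  # stand-in for a GROOT tree

X, y = make_classification(n_samples=1000, n_features=10, random_state=0)
model = DecisionTreeClassifier(min_samples_split=10, min_samples_leaf=5)

# 5-fold stratified cross-validation, as reported in the paper.
cv = StratifiedKFold(n_splits=5, shuffle=True, random_state=0)
scores = cross_val_score(model, X, y, cv=cv)
print("5-fold accuracy: %.3f +/- %.3f" % (scores.mean(), scores.std()))

# Stratified 70%-30% train-test split used for the robustness evaluation.
X_train, X_test, y_train, y_test = train_test_split(
    X, y, test_size=0.3, stratify=y, random_state=0)
model.fit(X_train, y_train)
print("test accuracy: %.3f" % model.score(X_test, y_test))
```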