Learning with Monotone Adversarial Corruptions
By: Kasper Green Larsen, Chirag Pabbaraju, Abhishek Shetty
Potential Business Impact:
Shows how machine learning systems can be led astray by extra, correctly labeled data, motivating more robust training pipelines.
We study the extent to which standard machine learning algorithms rely on exchangeability and independence of data by introducing a monotone adversarial corruption model. In this model, an adversary, upon looking at a "clean" i.i.d. dataset, inserts additional "corrupted" points of their choice into the dataset. These added points are constrained to be monotone corruptions, in that they get labeled according to the ground-truth target function. Perhaps surprisingly, we demonstrate that in this setting, all known optimal learning algorithms for binary classification can be made to achieve suboptimal expected error on a new independent test point drawn from the same distribution as the clean dataset. On the other hand, we show that uniform convergence-based algorithms do not degrade in their guarantees. Our results showcase how optimal learning algorithms break down in the face of seemingly helpful monotone corruptions, exposing their overreliance on exchangeability.
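To make the corruption model concrete, below is a minimal sketch of a monotone adversary, assuming a one-dimensional threshold target. The placement of the extra points (an interval near the decision boundary) and all names are illustrative assumptions, not the paper's actual construction:

```python
import numpy as np

rng = np.random.default_rng(0)

def target(x):
    # Ground-truth threshold function on [0, 1] (assumed for illustration).
    return (x >= 0.5).astype(int)

# Clean i.i.d. sample from the underlying distribution.
X_clean = rng.uniform(0.0, 1.0, size=100)
y_clean = target(X_clean)

def monotone_adversary(X_clean, n_extra, target):
    # The adversary inspects the clean sample and inserts extra points of
    # its choice. The monotone constraint: every added point is labeled by
    # the ground-truth target, so the corrupted dataset stays realizable.
    # Here (an illustrative choice) the adversary piles points into a thin
    # interval just past the decision boundary.
    X_extra = rng.uniform(0.5, 0.51, size=n_extra)
    return X_extra, target(X_extra)

X_extra, y_extra = monotone_adversary(X_clean, n_extra=50, target=target)
X_corrupt = np.concatenate([X_clean, X_extra])
y_corrupt = np.concatenate([y_clean, y_extra])
```

Note that every corrupted point carries its true label, yet the training set is no longer exchangeable with a fresh i.i.d. test point, which is exactly the property the paper shows optimal learners depend on.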
Similar Papers
Robust Estimation Under Heterogeneous Corruption Rates
Machine Learning (CS)
Estimates quantities reliably when different parts of the data are corrupted at different rates.
Robustly Learning Monotone Single-Index Models
Machine Learning (CS)
Learns monotone single-index models even when some of the data is corrupted.
Improved Bounds for Private and Robust Alignment
Machine Learning (CS)
Improves guarantees for aligning AI models both privately and robustly.