On the existence of solutions to adversarial training in multiclass classification

We study three models of the problem of adversarial training in multiclass classification designed to construct robust classifiers against adversarial perturbations of data in the agnostic-classifier setting. We prove the existence of Borel measurable robust classifiers in each model and provide a unified perspective of the adversarial training problem, expanding the connections with optimal transport initiated by the authors in previous work and developing new connections between adversarial training in the multiclass setting and total variation regularization. As a corollary of our results, we prove the existence of Borel measurable solutions to the agnostic adversarial training problem in the binary classification setting, a result that improves results in the literature of adversarial training, where robust classifiers were only known to exist within the enlarged universal $\sigma$-algebra of the feature space.

[1]  Leon Bungert,et al.  Gamma-convergence of a nonlocal perimeter arising in adversarial machine learning , 2022, ArXiv.

[2]  Maria-Florina Balcan,et al.  Nash Equilibria and Pitfalls of Adversarial Training in Adversarial Robustness Games , 2022, AISTATS.

[3]  Natalie Frank Existence and Minimax Theorems for Adversarial Surrogate Risks in Binary Classification , 2022, ArXiv.

[4]  Jonathan Niles-Weed,et al.  The Consistency of Adversarial Training for Binary Classification , 2022, ArXiv.

[5]  M. Jacobs,et al.  The Multimarginal Optimal Transport Formulation of Adversarial Multiclass Classification , 2022, J. Mach. Learn. Res..

[6]  Muni Sreenivas Pydi The Many Faces of Adversarial Risk: An Expanded Study , 2022, IEEE Transactions on Information Theory.

[7]  Mehryar Mohri,et al.  On the Existence of the Adversarial Bayes Classifier (Extended Version) , 2021, NeurIPS.

[8]  Leon Bungert,et al.  The Geometry of Adversarial Training in Binary Classification , 2021, ArXiv.

[9]  Yann Chevaleyre,et al.  Mixed Nash Equilibria in the Adversarial Examples Game , 2021, ICML.

[10]  Gershon Wolansky,et al.  Optimal Transport , 2021 .

[11]  Ryan W. Murray,et al.  Adversarial Classification: Necessary conditions and geometric flows , 2020, J. Mach. Learn. Res..

[12]  William L. Hamilton,et al.  Adversarial Example Games , 2020, NeurIPS.

[13]  Ryan W. Murray,et al.  From Graph Cuts to Isoperimetric Inequalities: Convergence Rates of Cheeger Cuts on Data Clouds , 2020, Archive for Rational Mechanics and Analysis.

[14]  Muni Sreenivas Pydi,et al.  Adversarial Risk via Optimal Transport and Optimal Couplings , 2019, IEEE Transactions on Information Theory.

[15]  Daniel Cullina,et al.  Lower Bounds on Adversarial Robustness from Optimal Transport , 2019, NeurIPS.

[16]  Francesco Tudisco,et al.  Total variation based community detection using a nonlinear optimization approach , 2019, SIAM J. Appl. Math..

[17]  A. Chambolle,et al.  Mumford–Shah functionals on graphs and their asymptotics , 2019, Nonlinearity.

[18]  Mason A. Porter,et al.  Stochastic Block Models are a Discrete Surface Tension , 2018, Journal of Nonlinear Science.

[19]  Fabio Roli,et al.  Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning , 2017, Pattern Recognit..

[20]  Andrea L. Bertozzi,et al.  Convergence of the Graph Allen–Cahn Scheme , 2017, Journal of Statistical Physics.

[21]  Nicolas Garcia Trillos,et al.  A new analytical approach to consistency and overfitting in regularized empirical risk minimization , 2016, European Journal of Applied Mathematics.

[22]  Karthyek R. A. Murthy,et al.  Quantifying Distributional Model Risk Via Optimal Transport , 2016, Math. Oper. Res..

[23]  Jonathon Shlens,et al.  Explaining and Harnessing Adversarial Examples , 2014, ICLR.

[24]  Andrea L. Bertozzi,et al.  An MBO Scheme on Graphs for Classification and Image Processing , 2013, SIAM J. Imaging Sci..

[25]  A. Bertozzi,et al.  Mean Curvature, Threshold Dynamics, and Phase Field Theory on Finite Graphs , 2013, 1307.0045.

[26]  Mason A. Porter,et al.  A Method Based on Total Variation for Network Modularity Optimization Using the MBO Scheme , 2013, SIAM J. Appl. Math..

[27]  Arjuna Flenner,et al.  Diffuse Interface Models on Graphs for Classification of High Dimensional Data , 2012, SIAM Rev..

[28]  Guillaume Carlier,et al.  Barycenters in the Wasserstein Space , 2011, SIAM J. Math. Anal..

[29]  Dimitri P. Bertsekas,et al.  Stochastic optimal control : the discrete time case , 2007 .

[30]  Gábor Lugosi,et al.  Introduction to Statistical Learning Theory , 2004, Advanced Lectures on Machine Learning.

[31]  C. Villani Topics in Optimal Transportation , 2003 .

[32]  Togo Nishiura,et al.  Absolute measurable spaces , 2008 .

[33]  Dov M. Gabbay,et al.  Handbook of the history of logic , 2004 .