Fundamental Limits of Adversarial Learning
Bello, Kevin; Xu, Qiuling; Honorio, Jean
Robustness of machine learning methods is essential for modern practical applications. Given the arms race between attack and defense methods, one may be curious regarding the fundamental limits of any defense mechanism. In this work, we focus on the problem of learning from noise-injected data, where the existing literature falls short by either assuming a specific attack method or by over-specifying the learning problem. We shed light on the information-theoretic limits of adversarial learning without assuming a particular learning process or attacker. Finally, we apply our general bounds to a canonical set of non-trivial learning problems and provide examples of common types of attacks.
Jul-1-2020
- Country:
  - North America > United States
    - New York > New York County
      - New York City (0.04)
    - Indiana > Tippecanoe County
      - West Lafayette (0.04)
      - Lafayette (0.04)
    - California > Alameda County
      - Berkeley (0.04)
  - Europe > United Kingdom
    - England > Cambridgeshire > Cambridge (0.04)
- Genre:
  - Research Report (0.50)
- Industry:
  - Education > Focused Education > Special Education (0.45)
- Technology: