ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

Robust Adversarial Classification via Abstaining

Al Makdah, AA and Katewa, V and Pasqualetti, F (2021) Robust Adversarial Classification via Abstaining. In: 2021 60th IEEE Conference on Decision and Control (CDC), 14-17 Dec. 2021, Austin, TX, USA, pp. 763-768.

[img]
Preview
 PDF
pro_iee_con_2021_763-768_2021.pdf - Published Version
Download (467kB) | Preview
Official URL: https://doi.org/10.1109/CDC45484.2021.9683538

Abstract

In this work, we consider a binary classification problem and cast it into a binary hypothesis testing framework, where the observations can be perturbed by an adversary. To improve the adversarial robustness of a classifier, we include an abstain option, where the classifier abstains from making a decision when it has low confidence about the prediction. We propose metrics to quantify the nominal performance of a classifier with an abstain option and its robustness against adversarial perturbations. We show that there exist a tradeoff between the two metrics regardless of what method is used to choose the abstain region. Our results imply that the robustness of a classifier with an abstain option can only be improved at the expense of its nominal performance. Further, we provide necessary conditions to design the abstain region for a 1-dimensional binary classification problem. We validate our theoretical results on the MNIST dataset, where we numerically show that the tradeoff between performance and robustness also exist for the general multi-class classification problems. © 2021 IEEE.

Item Type: Conference Proceedings
Publication: Proceedings of the IEEE Conference on Decision and Control
Publisher: Institute of Electrical and Electronics Engineers Inc.
Additional Information: The copyright for this article belongs to the authors.
Keywords: Computer vision, Adversarial classifications; Binary classification problems; Binary Hypothesis Testing; Condition; Multiclass classification problems; Performance; Testing framework, Classification (of information)
Department/Centre: Division of Electrical Sciences > Electrical Communication Engineering
Date Deposited: 15 May 2022 17:00
Last Modified: 15 May 2022 17:00
URI: https://eprints.iisc.ac.in/id/eprint/71662

Actions (login required)

View Item View Item
Powered by EPrints A service from The J.R.D. Tata Memorial Library Indian Institute of Science, Bengaluru-560012, India