Adversarial Risk via Optimal Transport and Optimal Couplings

Modern machine learning algorithms perform poorly on adversarially manipulated data. Adversarial risk quantifies the error of classifiers in adversarial settings; adversarial classifiers minimize adversarial risk. In this paper, we analyze adversarial risk and adversarial classifiers from an optimal...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE transactions on information theory 2021-09, Vol.67 (9), p.6031-6052
Hauptverfasser:	Pydi, Muni Sreenivas, Jog, Varun
Format:	Artikel
Sprache:	eng
Schlagworte:	Algorithms Classifiers Convexity Couplings information theory Kernel Loss measurement Machine learning Measurement Perturbation methods Q measurement Risk analysis robustness Smoothness Statistical analysis statistical learning Transportation planning
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	6052
container_issue	9
container_start_page	6031
container_title	IEEE transactions on information theory
container_volume	67
creator	Pydi, Muni Sreenivas Jog, Varun
description	Modern machine learning algorithms perform poorly on adversarially manipulated data. Adversarial risk quantifies the error of classifiers in adversarial settings; adversarial classifiers minimize adversarial risk. In this paper, we analyze adversarial risk and adversarial classifiers from an optimal transport perspective. We show that the optimal adversarial risk for binary classification with 0-1 loss is determined by an optimal transport cost between the probability distributions of the two classes. We develop optimal transport plans (probabilistic couplings) for univariate distributions such as the normal, the uniform, and the triangular distribution. We also derive optimal adversarial classifiers in these settings. Our analysis leads to algorithm-independent fundamental limits on adversarial risk, which we calculate for several real-world datasets. We extend our results to general loss functions under convexity and smoothness assumptions.
doi_str_mv	10.1109/TIT.2021.3100107
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_proquest_journals_2565237692</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9496634</ieee_id><sourcerecordid>2565237692</sourcerecordid><originalsourceid>FETCH-LOGICAL-c333t-ae27d2221559ff81ef7991f380ac993f32703a7cb81742e59a8c0669f2a9b3063</originalsourceid><addsrcrecordid>eNo9kM1Lw0AQxRdRsFbvgpeA58Td2a8MeCnFj0KhIPG8bNNdSY1J3E0L_vduaelpmMd7M48fIfeMFoxRfKoWVQEUWMEZpYzqCzJhUuoclRSXZJK0MkchymtyE-M2rUIymJDn2WbvQrShsW320cTvbN_YbDWMzU8SqmC7OPRhzGy3Oavzfje0TfcVb8mVt210d6c5JZ-vL9X8PV-u3hbz2TKvOedjbh3oDQCkPuh9yZzXiMzzktoakXsOmnKr63XJtAAn0ZY1VQo9WFxzqviUPB7vDqH_3bk4mm2_C116aUAqCVwrhOSiR1cd-hiD82YIqW_4M4yaAyOTGJkDI3NilCIPx0jjnDvbUaBSXPB_bfNgvA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2565237692</pqid></control><display><type>article</type><title>Adversarial Risk via Optimal Transport and Optimal Couplings</title><source>IEEE Electronic Library (IEL)</source><creator>Pydi, Muni Sreenivas ; Jog, Varun</creator><creatorcontrib>Pydi, Muni Sreenivas ; Jog, Varun</creatorcontrib><description>Modern machine learning algorithms perform poorly on adversarially manipulated data. Adversarial risk quantifies the error of classifiers in adversarial settings; adversarial classifiers minimize adversarial risk. In this paper, we analyze adversarial risk and adversarial classifiers from an optimal transport perspective. We show that the optimal adversarial risk for binary classification with 0-1 loss is determined by an optimal transport cost between the probability distributions of the two classes. We develop optimal transport plans (probabilistic couplings) for univariate distributions such as the normal, the uniform, and the triangular distribution. We also derive optimal adversarial classifiers in these settings. Our analysis leads to algorithm-independent fundamental limits on adversarial risk, which we calculate for several real-world datasets. We extend our results to general loss functions under convexity and smoothness assumptions.</description><identifier>ISSN: 0018-9448</identifier><identifier>EISSN: 1557-9654</identifier><identifier>DOI: 10.1109/TIT.2021.3100107</identifier><identifier>CODEN: IETTAW</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Algorithms ; Classifiers ; Convexity ; Couplings ; information theory ; Kernel ; Loss measurement ; Machine learning ; Measurement ; Perturbation methods ; Q measurement ; Risk analysis ; robustness ; Smoothness ; Statistical analysis ; statistical learning ; Transportation planning</subject><ispartof>IEEE transactions on information theory, 2021-09, Vol.67 (9), p.6031-6052</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2021</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c333t-ae27d2221559ff81ef7991f380ac993f32703a7cb81742e59a8c0669f2a9b3063</citedby><cites>FETCH-LOGICAL-c333t-ae27d2221559ff81ef7991f380ac993f32703a7cb81742e59a8c0669f2a9b3063</cites><orcidid>0000-0003-0311-150X ; 0000-0003-4159-0900</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9496634$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27924,27925,54758</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9496634$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Pydi, Muni Sreenivas</creatorcontrib><creatorcontrib>Jog, Varun</creatorcontrib><title>Adversarial Risk via Optimal Transport and Optimal Couplings</title><title>IEEE transactions on information theory</title><addtitle>TIT</addtitle><description>Modern machine learning algorithms perform poorly on adversarially manipulated data. Adversarial risk quantifies the error of classifiers in adversarial settings; adversarial classifiers minimize adversarial risk. In this paper, we analyze adversarial risk and adversarial classifiers from an optimal transport perspective. We show that the optimal adversarial risk for binary classification with 0-1 loss is determined by an optimal transport cost between the probability distributions of the two classes. We develop optimal transport plans (probabilistic couplings) for univariate distributions such as the normal, the uniform, and the triangular distribution. We also derive optimal adversarial classifiers in these settings. Our analysis leads to algorithm-independent fundamental limits on adversarial risk, which we calculate for several real-world datasets. We extend our results to general loss functions under convexity and smoothness assumptions.</description><subject>Algorithms</subject><subject>Classifiers</subject><subject>Convexity</subject><subject>Couplings</subject><subject>information theory</subject><subject>Kernel</subject><subject>Loss measurement</subject><subject>Machine learning</subject><subject>Measurement</subject><subject>Perturbation methods</subject><subject>Q measurement</subject><subject>Risk analysis</subject><subject>robustness</subject><subject>Smoothness</subject><subject>Statistical analysis</subject><subject>statistical learning</subject><subject>Transportation planning</subject><issn>0018-9448</issn><issn>1557-9654</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNo9kM1Lw0AQxRdRsFbvgpeA58Td2a8MeCnFj0KhIPG8bNNdSY1J3E0L_vduaelpmMd7M48fIfeMFoxRfKoWVQEUWMEZpYzqCzJhUuoclRSXZJK0MkchymtyE-M2rUIymJDn2WbvQrShsW320cTvbN_YbDWMzU8SqmC7OPRhzGy3Oavzfje0TfcVb8mVt210d6c5JZ-vL9X8PV-u3hbz2TKvOedjbh3oDQCkPuh9yZzXiMzzktoakXsOmnKr63XJtAAn0ZY1VQo9WFxzqviUPB7vDqH_3bk4mm2_C116aUAqCVwrhOSiR1cd-hiD82YIqW_4M4yaAyOTGJkDI3NilCIPx0jjnDvbUaBSXPB_bfNgvA</recordid><startdate>20210901</startdate><enddate>20210901</enddate><creator>Pydi, Muni Sreenivas</creator><creator>Jog, Varun</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-0311-150X</orcidid><orcidid>https://orcid.org/0000-0003-4159-0900</orcidid></search><sort><creationdate>20210901</creationdate><title>Adversarial Risk via Optimal Transport and Optimal Couplings</title><author>Pydi, Muni Sreenivas ; Jog, Varun</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c333t-ae27d2221559ff81ef7991f380ac993f32703a7cb81742e59a8c0669f2a9b3063</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Algorithms</topic><topic>Classifiers</topic><topic>Convexity</topic><topic>Couplings</topic><topic>information theory</topic><topic>Kernel</topic><topic>Loss measurement</topic><topic>Machine learning</topic><topic>Measurement</topic><topic>Perturbation methods</topic><topic>Q measurement</topic><topic>Risk analysis</topic><topic>robustness</topic><topic>Smoothness</topic><topic>Statistical analysis</topic><topic>statistical learning</topic><topic>Transportation planning</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Pydi, Muni Sreenivas</creatorcontrib><creatorcontrib>Jog, Varun</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on information theory</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Pydi, Muni Sreenivas</au><au>Jog, Varun</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Adversarial Risk via Optimal Transport and Optimal Couplings</atitle><jtitle>IEEE transactions on information theory</jtitle><stitle>TIT</stitle><date>2021-09-01</date><risdate>2021</risdate><volume>67</volume><issue>9</issue><spage>6031</spage><epage>6052</epage><pages>6031-6052</pages><issn>0018-9448</issn><eissn>1557-9654</eissn><coden>IETTAW</coden><abstract>Modern machine learning algorithms perform poorly on adversarially manipulated data. Adversarial risk quantifies the error of classifiers in adversarial settings; adversarial classifiers minimize adversarial risk. In this paper, we analyze adversarial risk and adversarial classifiers from an optimal transport perspective. We show that the optimal adversarial risk for binary classification with 0-1 loss is determined by an optimal transport cost between the probability distributions of the two classes. We develop optimal transport plans (probabilistic couplings) for univariate distributions such as the normal, the uniform, and the triangular distribution. We also derive optimal adversarial classifiers in these settings. Our analysis leads to algorithm-independent fundamental limits on adversarial risk, which we calculate for several real-world datasets. We extend our results to general loss functions under convexity and smoothness assumptions.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TIT.2021.3100107</doi><tpages>22</tpages><orcidid>https://orcid.org/0000-0003-0311-150X</orcidid><orcidid>https://orcid.org/0000-0003-4159-0900</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 0018-9448
ispartof	IEEE transactions on information theory, 2021-09, Vol.67 (9), p.6031-6052
issn	0018-9448 1557-9654
language	eng
recordid	cdi_proquest_journals_2565237692
source	IEEE Electronic Library (IEL)
subjects	Algorithms Classifiers Convexity Couplings information theory Kernel Loss measurement Machine learning Measurement Perturbation methods Q measurement Risk analysis robustness Smoothness Statistical analysis statistical learning Transportation planning
title	Adversarial Risk via Optimal Transport and Optimal Couplings
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-20T18%3A03%3A07IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Adversarial%20Risk%20via%20Optimal%20Transport%20and%20Optimal%20Couplings&rft.jtitle=IEEE%20transactions%20on%20information%20theory&rft.au=Pydi,%20Muni%20Sreenivas&rft.date=2021-09-01&rft.volume=67&rft.issue=9&rft.spage=6031&rft.epage=6052&rft.pages=6031-6052&rft.issn=0018-9448&rft.eissn=1557-9654&rft.coden=IETTAW&rft_id=info:doi/10.1109/TIT.2021.3100107&rft_dat=%3Cproquest_RIE%3E2565237692%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2565237692&rft_id=info:pmid/&rft_ieee_id=9496634&rfr_iscdi=true