首页数学
0


在存在损坏输入的情况下进行学习和推理

Learning and inference in the presence of corrupted inputs
课程网址: https://videolectures.net/videos/colt2015_mansour_corrupted_input...  
主讲教师: Yishay Mansour
开课单位: 信息不详。欢迎您在右侧留言补充。
开课时间: 2025-02-04
课程语种: 英语
中文简介:
我们考虑一个模型,其中给定一个未损坏的输入,攻击者可以将其损坏为$m$损坏输入中的一个。我们将分类和推理问题建模为学习者(最小化预期误差)和对手(最大化预期误差)之间的零和游戏。这个游戏的价值是可实现的最佳错误率。对于在损坏的输入上使用有限的假设类$\calH$进行学习,我们给出了一个有效的算法,该算法给定一个未损坏的样本返回h $中的假设$h\,其在对抗性损坏的输入上的误差接近最优。我们的算法使用一个oracle作为黑盒,它解决了假设类$\calH$的ERM问题。我们为我们的设置提供了一个泛化边界,表明对于足够大的样本,样本上的性能和未来看不见的损坏输入将是相似的。这为我们的对抗性设置提供了一个有效的学习算法,基于ERM oracle。我们还考虑了一个与问题相关的推理设置,其中给定一个损坏的输入,学习器在各种未损坏的输入上查询目标函数,并针对给定的损坏输入生成预测。对于学习器可能生成的预测函数没有限制,因此假设类隐含地包含了所有可能的假设。在这种情况下,我们将最优学习者策略描述为给定二部图中的最小顶点覆盖,而最优对手策略描述为同一二部图中的最大匹配。我们设计了一种高效的局部算法来逼近二部图的最小顶点覆盖,这意味着一种高效的近似最优算法。
课程简介: We consider a model where given an uncorrupted input an adversary can corrupt it to one out of $m$ corrupted inputs. We model the classification and inference problems as a zero-sum game between a learner, minimizing the expected error, and an adversary, maximizing the expected error. The value of this game is the optimal error rate achievable. For learning using a limited hypothesis class $\calH$ over corrupted inputs, we give an efficient algorithm that given an uncorrupted sample returns a hypothesis $h\in H$ whose error on adversarially corrupted inputs is near optimal. Our algorithm uses as a blackbox an oracle that solves the ERM problem for the hypothesis class $\calH$. We provide a generalization bound for our setting, showing that for a sufficiently large sample, the performance on the sample and future unseen corrupted inputs will be similar. This gives an efficient learning algorithm for our adversarial setting, based on an ERM oracle. We also consider an inference related setting of the problem, where given a corrupted input, the learner queries the target function on various uncorrupted inputs and generates a prediction regarding the given corrupted input. There is no limitation on the prediction function the learner may generate, so implicitly the hypothesis class includes all possible hypotheses. In this setting we characterize the optimal learner policy as a minimum vertex cover in a given bipartite graph, and the optimal adversary policy as a maximum matching in the same bipartite graph. We design efficient local algorithms for approximating minimum vertex cover in bipartite graphs, which implies an efficient near optimal algorithm for the learner.
关 键 词: 零和游戏; 泛化边界; 二部图
课程来源: 视频讲座网
数据采集: 2025-03-29:zsp
最后编审: 2025-03-29:zsp
阅读次数: 2

纠错/补充/评论/留言
评论/留言 纠错/补充
验证算术题: 8 + 5 =