Precise Accuracy / Robustness Tradeoffs in Regression: Case of General Norms

Elvis Dohmatob, Meyer Scetbon
Proceedings of the 41st International Conference on Machine Learning, PMLR 235:11198-11226, 2024.

Abstract

In this paper, we investigate the impact of test-time adversarial attacks on linear regression models and determine the optimal level of robustness that any model can reach while maintaining a given level of standard predictive performance (accuracy). Through quantitative estimates, we uncover fundamental tradeoffs between adversarial robustness and accuracy in different regimes. We obtain a precise characterization which distinguishes between regimes where robustness is achievable without hurting standard accuracy and regimes where a tradeoff might be unavoidable. Our findings are empirically confirmed with simple experiments that represent a variety of settings. This work covers feature covariance matrices and attack norms of any nature, extending previous works in this area.

Cite this Paper

BibTeX
@InProceedings{pmlr-v235-dohmatob24c, title = {Precise Accuracy / Robustness Tradeoffs in Regression: Case of General Norms}, author = {Dohmatob, Elvis and Scetbon, Meyer}, booktitle = {Proceedings of the 41st International Conference on Machine Learning}, pages = {11198--11226}, year = {2024}, editor = {Salakhutdinov, Ruslan and Kolter, Zico and Heller, Katherine and Weller, Adrian and Oliver, Nuria and Scarlett, Jonathan and Berkenkamp, Felix}, volume = {235}, series = {Proceedings of Machine Learning Research}, month = {21--27 Jul}, publisher = {PMLR}, pdf = {https://raw.githubusercontent.com/mlresearch/v235/main/assets/dohmatob24c/dohmatob24c.pdf}, url = {https://proceedings.mlr.press/v235/dohmatob24c.html}, abstract = {In this paper, we investigate the impact of test-time adversarial attacks on linear regression models and determine the optimal level of robustness that any model can reach while maintaining a given level of standard predictive performance (accuracy). Through quantitative estimates, we uncover fundamental tradeoffs between adversarial robustness and accuracy in different regimes. We obtain a precise characterization which distinguishes between regimes where robustness is achievable without hurting standard accuracy and regimes where a tradeoff might be unavoidable. Our findings are empirically confirmed with simple experiments that represent a variety of settings. This work covers feature covariance matrices and attack norms of any nature, extending previous works in this area.} }
Endnote
%0 Conference Paper %T Precise Accuracy / Robustness Tradeoffs in Regression: Case of General Norms %A Elvis Dohmatob %A Meyer Scetbon %B Proceedings of the 41st International Conference on Machine Learning %C Proceedings of Machine Learning Research %D 2024 %E Ruslan Salakhutdinov %E Zico Kolter %E Katherine Heller %E Adrian Weller %E Nuria Oliver %E Jonathan Scarlett %E Felix Berkenkamp %F pmlr-v235-dohmatob24c %I PMLR %P 11198--11226 %U https://proceedings.mlr.press/v235/dohmatob24c.html %V 235 %X In this paper, we investigate the impact of test-time adversarial attacks on linear regression models and determine the optimal level of robustness that any model can reach while maintaining a given level of standard predictive performance (accuracy). Through quantitative estimates, we uncover fundamental tradeoffs between adversarial robustness and accuracy in different regimes. We obtain a precise characterization which distinguishes between regimes where robustness is achievable without hurting standard accuracy and regimes where a tradeoff might be unavoidable. Our findings are empirically confirmed with simple experiments that represent a variety of settings. This work covers feature covariance matrices and attack norms of any nature, extending previous works in this area.
APA
Dohmatob, E. & Scetbon, M.. (2024). Precise Accuracy / Robustness Tradeoffs in Regression: Case of General Norms. Proceedings of the 41st International Conference on Machine Learning, in Proceedings of Machine Learning Research 235:11198-11226 Available from https://proceedings.mlr.press/v235/dohmatob24c.html.

Related Material