Show simple item record

dc.contributor.author: Pinot, Rafaël
dc.contributor.author: Ettedgui, Raphaël
dc.contributor.author: Rizk, Geovani
dc.contributor.author: Chevaleyre, Yann
dc.contributor.author: Atif, Jamal
HAL ID: 15689
dc.date.accessioned: 2020-10-20T15:19:02Z
dc.date.available: 2020-10-20T15:19:02Z
dc.date.issued: 2020
dc.identifier.uri: https://basepub.dauphine.fr/handle/123456789/21131
dc.language.iso: en (en)
dc.subject: Machine learning
dc.subject.ddc: 519 (en)
dc.title: Randomization matters How to defend against strong adversarial attacks
dc.type: Communication / Conférence
dc.description.abstracten: Is there a classifier that ensures optimal robustness against all adversarial attacks? This paper answers this question by adopting a game-theoretic point of view. We show that adversarial attacks and defenses form an infinite zero-sum game where classical results (e.g. Sion theorems) do not apply. We demonstrate the non-existence of a Nash equilibrium in our game when the classifier and the Adversary are both deterministic, hence giving a negative answer to the above question in the deterministic regime. Nonetheless, the question remains open in the randomized regime. We tackle this problem by showing that, under mild conditions on the dataset distribution, any deterministic classifier can be outperformed by a randomized one. This gives arguments for using randomization, and leads us to a new algorithm for building randomized classifiers that are robust to strong adversarial attacks. Empirical results validate our theoretical analysis, and show that our defense method considerably outperforms Adversarial Training against state-of-the-art attacks.
dc.identifier.urlsite: https://hal.archives-ouvertes.fr/hal-02892161
dc.subject.ddclabel: Probabilités et mathématiques appliquées (en)
dc.relation.conftitle: Thirty-seventh International Conference on Machine Learning (ICML 2020)
dc.relation.confdate: 2020-07
dc.relation.confcity: Vienna
dc.relation.confcountry: AUSTRIA
dc.relation.forthcoming: non (en)
dc.description.ssrncandidate: non
dc.description.halcandidate: non
dc.description.readership: recherche
dc.description.audience: International
dc.date.updated: 2020-12-17T09:31:41Z


Files in this item


There are no files associated with this item.
