We consider a model where given an uncorrupted input an adversary can corrupt it to one out of m corrupted inputs. We model the classification and inference problems as a zero-sum game between a learner, minimizing the expected error, and an adversary, maximizing the expected error. The value of this game is the optimal error rate achievable. For learning using a limited hypothesis class H over corrupted inputs, we give an efficient algorithm that given an uncorrupted sample returns a hypothesis h ∈ H whose error on adversarially corrupted inputs is near optimal. Our algorithm uses as a blackbox an oracle that solves the ERM problem for the hypothesis class H. We provide a generalization bound for our setting, showing that for a sufficiently large sample, the performance on the sample and on future unseen corrupted inputs will be similar. This gives an efficient learning algorithm for our adversarial setting, based on an ERM oracle. We also consider an inference related setting of the problem, where given a corrupted input, the learner queries the target function on various uncorrupted inputs and generates a prediction regarding the given corrupted input. There is no limitation on the prediction function the learner may generate, so implicitly the hypothesis class includes all possible hypotheses. In this setting we characterize the optimal learner policy as a minimum vertex cover in a given bipartite graph, and the optimal adversary policy as a maximum matching in the same bipartite graph. We design efficient local algorithms for approximating minimum vertex cover in bipartite graphs, which implies an efficient near optimal algorithm for the learner.
[1]
Richard M. Karp,et al.
A n^5/2 Algorithm for Maximum Matchings in Bipartite Graphs
,
1971,
SWAT.
[2]
Leslie G. Valiant,et al.
Learning Disjunction of Conjunctions
,
1985,
IJCAI.
[3]
Ming Li,et al.
Learning in the presence of malicious errors
,
1993,
STOC '88.
[4]
Dana Ron,et al.
Property Testing in Bounded Degree Graphs
,
2002,
STOC '97.
[5]
Y. Freund,et al.
Adaptive game playing using multiplicative weights
,
1999
.
[6]
D. Angluin,et al.
Learning From Noisy Examples
,
1988,
Machine Learning.
[7]
Yishay Mansour,et al.
Improved second-order bounds for prediction with expert advice
,
2006,
Machine Learning.
[8]
Ronitt Rubinfeld,et al.
Fast Local Computation Algorithms
,
2011,
ICS.
[9]
Noga Alon,et al.
Space-efficient local computation algorithms
,
2011,
SODA.
[10]
Yoav Freund,et al.
Boosting: Foundations and Algorithms
,
2012
.
[11]
Yishay Mansour,et al.
Converting Online Algorithms to Local Computation Algorithms
,
2012,
ICALP.
[12]
Alex M. Andrew,et al.
Boosting: Foundations and Algorithms
,
2012
.
[13]
Yishay Mansour,et al.
A Local Computation Approximation Scheme to Maximum Matching
,
2013,
APPROX-RANDOM.
[14]
Dana Ron,et al.
Best of Two Local Models: Local Centralized and Local Distributed Algorithms
,
2014,
ArXiv.
[15]
Moshe Tennenholtz,et al.
Robust Probabilistic Inference
,
2015,
SODA.