Open Access, Posted Content
Robustness Quantification for Classification with Gaussian Processes.
Arno Blaas, Luca Laurenti, Andrea Patane, Luca Cardelli, Marta Kwiatkowska, Stephen J. Roberts
- 28 May 2019
TL;DR: The paper provides a framework that computes lower and upper bounds of the classification probabilities by over-approximating the exact range with an error bounded by $\epsilon$, together with an experimental comparison of several approximate inference methods for classification on tasks associated with the MNIST and SPAM datasets.
Abstract: We consider Bayesian classification with Gaussian processes (GPs) and define robustness of a classifier in terms of the worst-case difference in the classification probabilities with respect to input perturbations. For a subset of the input space $T\subseteq \mathbb{R}^m$ such properties reduce to computing the infimum and supremum of the classification probabilities for all points in $T$. Unfortunately, computing the above values is very challenging, as the classification probabilities cannot be expressed analytically. Nevertheless, using the theory of Gaussian processes, we develop a framework that, for a given dataset $\mathcal{D}$, a compact set of input points $T\subseteq \mathbb{R}^m$ and an error threshold $\epsilon>0$, computes lower and upper bounds of the classification probabilities by over-approximating the exact range with an error bounded by $\epsilon$. We provide experimental comparison of several approximate inference methods for classification on tasks associated to MNIST and SPAM datasets showing that our results enable quantification of uncertainty in adversarial classification settings.
Citations
•Posted Content
Robustness of Bayesian Neural Networks to Gradient-Based Attacks
Ginevra Carbone, Matthew Wicker, Luca Laurenti, Andrea Patane, Luca Bortolussi, Guido Sanguinetti
TL;DR: It is demonstrated that in the limit BNN posteriors are robust to gradient-based adversarial attacks, and experimental results on the MNIST and Fashion MNIST datasets with BNNs trained with Hamiltonian Monte Carlo and Variational Inference support this line of argument.
66
Safety Verification for Deep Neural Networks with Provable Guarantees (Invited Paper).
Marta Kwiatkowska
- 01 Jan 2019
TL;DR: Progress with developing automated verification techniques for deep neural networks to ensure safety and robustness of their decisions with respect to input perturbations is described.
16
•Posted Content
Safety Guarantees for Planning Based on Iterative Gaussian Processes.
Kyriakos Polymenakos, Luca Laurenti, Andrea Patane, Jan-Peter Calliess, Luca Cardelli, Marta Kwiatkowska, Alessandro Abate, Stephen J. Roberts
TL;DR: This work derives formal probability error bounds for iterative prediction and planning with GPs, and shows how the proposed bounds can be employed within a safe reinforcement learning framework to verify the safety of candidate control policies, guiding the synthesis of provably safe controllers.
11
•Posted Content
Adversarial vulnerability bounds for Gaussian process classification
TL;DR: An adversarial bound (AB) is devised for a Gaussian process classifier that holds for the entire input domain, bounding the potential for any future adversarial method to cause such misclassification.
Gaussian Processes with Physiologically-Inspired Priors for Physical Arousal Recognition
Shadi Ghiasi, Andrea Patane, Alberto Greco, Luca Laurenti, Enzo Pasquale Scilingo, Marta Kwiatkowska
- 01 Jul 2020
TL;DR: The suitability of Gaussian Process Classification (GPC) as an effective model for incorporating domain knowledge in an algorithm's training phase is investigated, and the recognition of the presence of the physical stressor is significantly enhanced when the physiologically-inspired prior knowledge is injected into the GPC model.