making generalization robust
play

Making Generalization Robust Katrina Ligett HUJI & Caltech - PowerPoint PPT Presentation

Jul 31, 2023 •336 likes •904 views

Making Generalization Robust Katrina Ligett HUJI & Caltech joint with Rachel Cummings, Kobbi Nissim, Aaron Roth, and Steven Wu A model for science A model for science Hypothesis Learning Alg domain: contains all possible

  1. Making Generalization Robust Katrina Ligett HUJI & Caltech joint with Rachel Cummings, Kobbi Nissim, Aaron Roth, and Steven Wu

  2. A model for science…

  3. A model for science…

  4. Hypothesis Learning Alg • domain: contains all possible examples • hypothesis: X-> {0,1} labels examples • learning alg samples labeled examples, returns hypothesis

  5. Hypothesis Learning Alg The goal of science: Find hypothesis that has low true error on the distribution D: err(h) = Pr x~D [h(x) ≠ h*(x)]

  6. Why does science work?

  7. Why does science work?

  8. Hypothesis Learning Alg The goal of science: Find hypothesis that has low true error on the distribution D: err(h) = Pr x~D [h(x) ≠ h*(x)] Idea: find hypothesis that has low empirical error on S, plus guarantee that findings on the sample generalize to D

  9. Hypothesis Learning Alg Empirical error: err E (h) = 1/n ∑ x ∈ S 1 [h(x) ≠ h*(x)] Generalization: output h s.t. Pr[|h(S) - h(D) |] ≤ 𝛃 ] ≥ 1 - β

  10. taken from Understanding Machine Learning, Shai Shalev-Schwarts and Shai Ben-David

  11. Problem solved!

  12. Science doesn’t Problem happen in a solved? vacuum.

  13. One thing that can go wrong: post-processing

  14. • Learning an SVM: Output encodes Support Vectors (sample points) • This output could be post-processed to obtain a non-generalizing hypothesis: “10% of all data points are x_k”

  15. Oh, man. Our approach on this Kaggle competition really failed on the test data. Oh well, let’s try again. Did you see that paper published by the Smith lab? Yeah, I bet they’d see an even bigger effect if they accounted for sunspots! The journal requires open access to the data—let’s try it and see!

  16. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . .

  17. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . .

  18. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up”

  19. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up” • Pick parameters; fit model

  20. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up” • Pick parameters; fit model • ML competitions

  21. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up” • Pick parameters; fit model • ML competitions • Scientific fields that share one dataset

  22. Some basic questions • Is it possible to get good learning algorithms that also are robust to post-processing? Adaptive composition? • How to construct them? Existing algorithms? How much extra data do they need? • Accuracy + generalization + post-processing-robustness = ? • Accuracy + generalization + adaptive composition = ? • What composes with what? How well (how quickly does generalization degrade)? Why?

  23. Notice: generalization doesn’t require correct hypotheses, just that they perform the same on the sample as on the distribution Generalization alone is easy. What’s interesting: generalization + accuracy.

  24. Generalization + post-processing robustness • Robust generalization “no adversary can use output to find a hypothesis that overfits” information-theoretic (could think computational)

  25. Robust Generalization

  26. Robust Generalization • Robust to post-processing • Somewhat robust to adaptive composition (more on this later)

  27. Do Robustly-Generalizing Algs Exist?

  28. Do Robustly-Generalizing Algs Exist? Yes!

  29. Do Robustly-Generalizing Algs Exist? Yes!

  30. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization

  31. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization

  32. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization • [BNSSSU16]: Differential privacy -> Robust Generalization

  33. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization • [BNSSSU16]: Differential privacy -> Robust Generalization

  34. Compression schemes Hypothesis

  35. Compression schemes Hypothesis

  36. Robust Generalization via compression A A algorithm

  37. What Can be Learned under RG? Theorem (informal; thanks to Shay Moran): sample complexity of robustly generalizing learning is the same up to log factors, as the sample complexity of PAC learning

  38. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization • [BNSSSU16]: Differential privacy -> Robust Generalization

  40. Differential Privacy [DMNS ‘06]

  41. Differential Privacy [DMNS ‘06] • Robust to post-processing [DMNS ‘06] and adaptive composition [DRV ‘10] • Necessarily randomized output • No mention of how samples drawn!

  42. Does DP = RG?

  43. Does DP = RG?

  44. Does DP = RG?

  45. Does DP = RG? No “quick fix” to make RG learner satisfy DP

  46. Notions of generalization • Robust generalization “no adversary can use output to find a hypothesis that overfits” • Differential privacy [DMNS ‘06] “similar samples should have the same output” • Perfect generalization “output reveals nothing about the sample”

  47. Perfect Generalization

  48. PG as a privacy notion • Differential privacy gives privacy to the individual Changing one entry in the database shouldn’t change the output too much • Perfect generalization gives privacy to the data provider (e.g. school, hospital) Changing the entire sample to something “typical” shouldn’t change the output too much

  49. Exponential Mechanism [MT07]

  50. DP implies PG with worse parameters

  51. PG implies DP…sort of

  52. PG implies DP…sort of

  53. PG implies DP…sort of Problems that are solvable under PG are also solvable under DP

  54. Notions of generalization • Robust generalization “no adversary can use output to find a hypothesis that overfits” • Differential privacy [DMNS ‘06] “similar samples should have the same output” • Perfect generalization “output reveals nothing about the sample”

  55. Some basic questions • Is it possible to get good learning algorithms that also are robust to post-processing? Adaptive composition? • How to construct them? Existing algorithms? How much extra data do they need? • Accuracy + generalization + post-processing-robustness = ? • Accuracy + generalization + adaptive composition = ? • What composes with what? How well (how quickly does generalization degrade)? Why?

  56. Making Generalization Robust Katrina Ligett katrina.ligett@mail.huji.ac.il HUJI & Caltech joint with Rachel Cummings, Kobbi Nissim, Aaron Roth, and Steven Wu

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Better generalization with less data using robust gradient descent Matthew J. Holland 1 Kazushi

Better generalization with less data using robust gradient descent Matthew J. Holland 1 Kazushi

Better generalization with less data using robust gradient descent Matthew J. Holland 1 Kazushi Ikeda 2 1 Osaka University 2 Nara Institute of Science and Technology Distribution robustness In practice, the learner does not know what kind of data

893 views • 16 slides
Adversarially Robust Generalization Requires More Data Ludwig Schmidt Shibani Santurkar

Adversarially Robust Generalization Requires More Data Ludwig Schmidt Shibani Santurkar

Adversarially Robust Generalization Requires More Data Ludwig Schmidt Shibani Santurkar Dimitris Tsipras Poster #31 Kunal Talwar Aleksander M dry Adversarial Examples [Szegedy, Zaremba, Sutskever, Bruna, Erhan, Goodfellow,

2.52k views • 13 slides
Making the Most of Wi-Fi Op3misa3ons for Robust Wireless

Making the Most of Wi-Fi Op3misa3ons for Robust Wireless

Making the Most of Wi-Fi Op3misa3ons for Robust Wireless Live Music Performance Thomas Mitchell University of the West of England, Bristol, UK

383 views • 21 slides
HBF Planning Conference Richard McCarthy We want a system that produces a robust decision making

HBF Planning Conference Richard McCarthy We want a system that produces a robust decision making

HBF Planning Conference Richard McCarthy We want a system that produces a robust decision making framework A decision making framework that sets out a long term vision for places Balances/integrates economic, social and environmental

409 views • 17 slides
Making Deep Q-learning Approaches Robust to Time Discretization Corentin Tallec L eonard

Making Deep Q-learning Approaches Robust to Time Discretization Corentin Tallec L eonard

Making Deep Q-learning Approaches Robust to Time Discretization Corentin Tallec L eonard Blier Yann Ollivier Universit e Paris-Sud, Facebook AI Research June 4, 2019 C. Tallec et al. (UPSUD, FAIR) Framerate robust DQ Learning June 4,

335 views • 4 slides
Making Default Address Selection More Robust FoolProof

Making Default Address Selection More Robust FoolProof

Making Default Address Selection More Robust FoolProof draft-linkova-6man-default-addr-selection-update-00 Jen Linkova IETF99, Prague, July 2017 When Does a Host Stop Using an Address? Preferred lifetime expired An RA received

540 views • 14 slides
electrophysiology for robust decision making in CNS drug discovery programs Robert E. Petroski,

electrophysiology for robust decision making in CNS drug discovery programs Robert E. Petroski,

in vitro and in vivo electrophysiology for robust decision making in CNS drug discovery programs Robert E. Petroski, PhD MAY 28, 2020 WELCOME TO TODAYS WEBINAR! Marketing & Communication Manager Neuroservices-Alliance in CNS drug

440 views • 30 slides
making robust Bridging the Gap Between Standards and the Marketplace digital books Dave

making robust Bridging the Gap Between Standards and the Marketplace digital books Dave

making robust Bridging the Gap Between Standards and the Marketplace digital books Dave Cramer Phil Madans Hachette Book Group Monday, February 11, 13 first Case Study: L.A. Noire Monday, February 11, 13 ADE (and intended design)

407 views • 16 slides
Making Google Congestion Control Robust over Wi-Fi Networks Using Packet Grouping Applied

Making Google Congestion Control Robust over Wi-Fi Networks Using Packet Grouping Applied

Making Google Congestion Control Robust over Wi-Fi Networks Using Packet Grouping Applied Networking Research Workshop 2016 Berlin, Germany, July 2016 (PDF) G. Carlucci, L. De Cicco, S. Holmer*, S. Mascolo Politecnico di Bari, Italy, *Google

593 views • 23 slides
Decision-making under uncertainty: Robust approaches for adapting to climate change using

Decision-making under uncertainty: Robust approaches for adapting to climate change using

Decision-making under uncertainty: Robust approaches for adapting to climate change using afforestation as an example. Anita Wreford Anita Wreford and Ruth Dittrich Scion SRUC NZARES Conference Nelson 24-26 August Outline 1. Uncertainty in

405 views • 17 slides
Developmental Evaluation Preparing to integrate real-time feedback and robust sense- making into

Developmental Evaluation Preparing to integrate real-time feedback and robust sense- making into

15#04#09' Developmental Evaluation Preparing to integrate real-time feedback and robust sense- making into your adaptive work. April'14,'2015' Presented'by:' Jamie'Gamble,'Imprint'Consul@ng'' H ere to T here 1' 15#04#09' Our'Time'Today' '

651 views • 38 slides
Making deep neural networks robust to label noise: a loss correction approach Giorgio Patrini

Making deep neural networks robust to label noise: a loss correction approach Giorgio Patrini

Making deep neural networks robust to label noise: a loss correction approach Giorgio Patrini 23 July 2017 CVPR, Honolulu joint work with Alessandro Rozza, Aditya Krishna Menon, Richard Nock and Lizhen Qu ANU, Data61, Waynaut, University

508 views • 28 slides
SpamResist: Making Peer-to-Peer Tagging SpamResist: Making Peer-to-Peer Tagging Systems Robust to

SpamResist: Making Peer-to-Peer Tagging SpamResist: Making Peer-to-Peer Tagging Systems Robust to

SpamResist: Making Peer-to-Peer Tagging SpamResist: Making Peer-to-Peer Tagging Systems Robust to Spam Systems Robust to Spam Ennan Ennan Zhai, Zhai, Ruichuan Ruichuan Chen, Eng Keong hen, Eng Keong Lua* Lua* Long Zhang, Long Zhang,

648 views • 64 slides
Deep learning: Challenges in learning and generalization Tomas Mikolov, Facebook AI What is

Deep learning: Challenges in learning and generalization Tomas Mikolov, Facebook AI What is

Deep learning: Challenges in learning and generalization Tomas Mikolov, Facebook AI What is generalization? Memorization to remember all training examples (Universal Approximator) 2 + 3 = 5, 3 + 2 = 5, ... Generalization to

281 views • 14 slides
Generalization of Cycle-Covering Heuristics Clemens B uchner Department of Mathematics and

Generalization of Cycle-Covering Heuristics Clemens B uchner Department of Mathematics and

Generalization of Cycle-Covering Heuristics Masters Thesis Presentation Generalization of Cycle-Covering Heuristics Clemens B uchner Department of Mathematics and Computer Science University of Basel May 14, 2020 Generalization of

877 views • 54 slides
VC GENERALIZATION BOUND VC GENERALIZATION BOUND Matthieu Bloch March 12, 2020 1 LOGISTICS (AND

VC GENERALIZATION BOUND VC GENERALIZATION BOUND Matthieu Bloch March 12, 2020 1 LOGISTICS (AND

VC GENERALIZATION BOUND VC GENERALIZATION BOUND Matthieu Bloch March 12, 2020 1 LOGISTICS (AND BABY PICTURE) LOGISTICS (AND BABY PICTURE) Problem Set 4 Assigned very soon, but no work expected during Spring break Project proposal Deadline

372 views • 11 slides
Regression and generalization CE-717: Machine Learning Sharif University of Technology M.

Regression and generalization CE-717: Machine Learning Sharif University of Technology M.

Regression and generalization CE-717: Machine Learning Sharif University of Technology M. Soleymani Fall 2018 Topics } Beyond linear regression models } Evaluation & model selection } Regularization } Bias-Variance 2 Recall: Linear

1.08k views • 70 slides
Generalizing Word Embeddings using Bag of Subwords Jinman Zhao , Sidharth Mudgal, Yingyu Liang

Generalizing Word Embeddings using Bag of Subwords Jinman Zhao , Sidharth Mudgal, Yingyu Liang

Generalizing Word Embeddings using Bag of Subwords Jinman Zhao , Sidharth Mudgal, Yingyu Liang University of Wisconsin-Madison Nov. 2, 2018 @ EMNLP Word Embeddings the [ -0.1 0.1 0.3 ... ] Belgium officially the Kingdom of Belgium, is a

244 views • 22 slides
Signed posets and a B -symmetric generalization of Stanleys acyclicity theorem Jake Huryn, Kat

Signed posets and a B -symmetric generalization of Stanleys acyclicity theorem Jake Huryn, Kat

Signed graphs Colorings Acyclic orientations References Signed posets and a B -symmetric generalization of Stanleys acyclicity theorem Jake Huryn, Kat Husar, and Hannah Johnson joint work with Eric Fawcett, Torey Hilbert and Mikey Reilly

878 views • 59 slides
Lack of Generalization Feature Vectors Rather than use every single detail of a state space, we }

Lack of Generalization Feature Vectors Rather than use every single detail of a state space, we }

Extending the Value Update Procedure function Q-Learning ( mdp ) returns a policy inputs : mdp , an MDP s S, a A, Q ( s, a ) = 0 repeat for each episode E : set start-state s s 0 repeat for each time-step t of episode E , until s

243 views • 9 slides
mechanized reasoning favonia 1 2 2 2 checked! 2 Peace of Mind 3 *photo credit:

mechanized reasoning favonia 1 2 2 2 checked! 2 Peace of Mind 3 *photo credit:

mechanized reasoning favonia 1 2 2 2 checked! 2 Peace of Mind 3 *photo credit: voltamax@pixabay Dream Everyone can (easily) check their work in computers 4 Notable Projects Four-color theorem

527 views • 37 slides
Generalized Cauchy determinant and Schur Pfaffian, and Their Applications Soichi OKADA (Nagoya

Generalized Cauchy determinant and Schur Pfaffian, and Their Applications Soichi OKADA (Nagoya

Generalized Cauchy determinant and Schur Pfaffian, and Their Applications Soichi OKADA (Nagoya University) Lattice Models: Exact Methods and Combinatorics Firenze, May 21, 2015 Cauchy determinants 1 i<j n ( x j x i ) (

689 views • 53 slides
A generalization of Quantum Relative Entropy Luiza H.F. Andrade 1 Rui F. Vigelis 2 Charles C.

A generalization of Quantum Relative Entropy Luiza H.F. Andrade 1 Rui F. Vigelis 2 Charles C.

Introduction Generalized Relative Entropy Conclusion A generalization of Quantum Relative Entropy Luiza H.F. Andrade 1 Rui F. Vigelis 2 Charles C. Cavalcante 3 1 Department of Natural Science, Mathematics and Statistics Federal Rural University

412 views • 19 slides
Martingales and the Method of Bounded Differences Advanced Algorithms Nanjing University, Fall

Martingales and the Method of Bounded Differences Advanced Algorithms Nanjing University, Fall

Martingales and the Method of Bounded Differences Advanced Algorithms Nanjing University, Fall 2018 (Some) Concentration Inequalities Question: probability that X deviates more than from expectation? (Some) Concentration Inequalities

2.13k views • 171 slides

More recommend