making generalization robust
play

Making Generalization Robust Katrina Ligett HUJI & Caltech - PowerPoint PPT Presentation

Jul 31, 2023 •336 likes •904 views

Making Generalization Robust Katrina Ligett HUJI & Caltech joint with Rachel Cummings, Kobbi Nissim, Aaron Roth, and Steven Wu A model for science A model for science Hypothesis Learning Alg domain: contains all possible

  1. Making Generalization Robust Katrina Ligett HUJI & Caltech joint with Rachel Cummings, Kobbi Nissim, Aaron Roth, and Steven Wu

  2. A model for science…

  3. A model for science…

  4. Hypothesis Learning Alg • domain: contains all possible examples • hypothesis: X-> {0,1} labels examples • learning alg samples labeled examples, returns hypothesis

  5. Hypothesis Learning Alg The goal of science: Find hypothesis that has low true error on the distribution D: err(h) = Pr x~D [h(x) ≠ h*(x)]

  6. Why does science work?

  7. Why does science work?

  8. Hypothesis Learning Alg The goal of science: Find hypothesis that has low true error on the distribution D: err(h) = Pr x~D [h(x) ≠ h*(x)] Idea: find hypothesis that has low empirical error on S, plus guarantee that findings on the sample generalize to D

  9. Hypothesis Learning Alg Empirical error: err E (h) = 1/n ∑ x ∈ S 1 [h(x) ≠ h*(x)] Generalization: output h s.t. Pr[|h(S) - h(D) |] ≤ 𝛃 ] ≥ 1 - β

  10. taken from Understanding Machine Learning, Shai Shalev-Schwarts and Shai Ben-David

  11. Problem solved!

  12. Science doesn’t Problem happen in a solved? vacuum.

  13. One thing that can go wrong: post-processing

  14. • Learning an SVM: Output encodes Support Vectors (sample points) • This output could be post-processed to obtain a non-generalizing hypothesis: “10% of all data points are x_k”

  15. Oh, man. Our approach on this Kaggle competition really failed on the test data. Oh well, let’s try again. Did you see that paper published by the Smith lab? Yeah, I bet they’d see an even bigger effect if they accounted for sunspots! The journal requires open access to the data—let’s try it and see!

  16. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . .

  17. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . .

  18. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up”

  19. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up” • Pick parameters; fit model

  20. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up” • Pick parameters; fit model • ML competitions

  21. A second big problem: adaptive composition q 1 a 1 q 2 a 2 . . . Adaptive composition can cause overfitting! Generalization guarantees don’t “add up” • Pick parameters; fit model • ML competitions • Scientific fields that share one dataset

  22. Some basic questions • Is it possible to get good learning algorithms that also are robust to post-processing? Adaptive composition? • How to construct them? Existing algorithms? How much extra data do they need? • Accuracy + generalization + post-processing-robustness = ? • Accuracy + generalization + adaptive composition = ? • What composes with what? How well (how quickly does generalization degrade)? Why?

  23. Notice: generalization doesn’t require correct hypotheses, just that they perform the same on the sample as on the distribution Generalization alone is easy. What’s interesting: generalization + accuracy.

  24. Generalization + post-processing robustness • Robust generalization “no adversary can use output to find a hypothesis that overfits” information-theoretic (could think computational)

  25. Robust Generalization

  26. Robust Generalization • Robust to post-processing • Somewhat robust to adaptive composition (more on this later)

  27. Do Robustly-Generalizing Algs Exist?

  28. Do Robustly-Generalizing Algs Exist? Yes!

  29. Do Robustly-Generalizing Algs Exist? Yes!

  30. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization

  31. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization

  32. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization • [BNSSSU16]: Differential privacy -> Robust Generalization

  33. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization • [BNSSSU16]: Differential privacy -> Robust Generalization

  34. Compression schemes Hypothesis

  35. Compression schemes Hypothesis

  36. Robust Generalization via compression A A algorithm

  37. What Can be Learned under RG? Theorem (informal; thanks to Shay Moran): sample complexity of robustly generalizing learning is the same up to log factors, as the sample complexity of PAC learning

  38. Do Robustly-Generalizing Algs Exist? Yes! • This paper: Compression Schemes -> Robust Generalization • [DFHPRR15a]: Bounded description length -> Robust Generalization • [BNSSSU16]: Differential privacy -> Robust Generalization

  40. Differential Privacy [DMNS ‘06]

  41. Differential Privacy [DMNS ‘06] • Robust to post-processing [DMNS ‘06] and adaptive composition [DRV ‘10] • Necessarily randomized output • No mention of how samples drawn!

  42. Does DP = RG?

  43. Does DP = RG?

  44. Does DP = RG?

  45. Does DP = RG? No “quick fix” to make RG learner satisfy DP

  46. Notions of generalization • Robust generalization “no adversary can use output to find a hypothesis that overfits” • Differential privacy [DMNS ‘06] “similar samples should have the same output” • Perfect generalization “output reveals nothing about the sample”

  47. Perfect Generalization

  48. PG as a privacy notion • Differential privacy gives privacy to the individual Changing one entry in the database shouldn’t change the output too much • Perfect generalization gives privacy to the data provider (e.g. school, hospital) Changing the entire sample to something “typical” shouldn’t change the output too much

  49. Exponential Mechanism [MT07]

  50. DP implies PG with worse parameters

  51. PG implies DP…sort of

  52. PG implies DP…sort of

  53. PG implies DP…sort of Problems that are solvable under PG are also solvable under DP

  54. Notions of generalization • Robust generalization “no adversary can use output to find a hypothesis that overfits” • Differential privacy [DMNS ‘06] “similar samples should have the same output” • Perfect generalization “output reveals nothing about the sample”

  55. Some basic questions • Is it possible to get good learning algorithms that also are robust to post-processing? Adaptive composition? • How to construct them? Existing algorithms? How much extra data do they need? • Accuracy + generalization + post-processing-robustness = ? • Accuracy + generalization + adaptive composition = ? • What composes with what? How well (how quickly does generalization degrade)? Why?

  56. Making Generalization Robust Katrina Ligett katrina.ligett@mail.huji.ac.il HUJI & Caltech joint with Rachel Cummings, Kobbi Nissim, Aaron Roth, and Steven Wu

Recommend

Better generalization with less data using robust gradient descent Matthew J. Holland 1 Kazushi

Better generalization with less data using robust gradient descent Matthew J. Holland 1 Kazushi

Better generalization with less data using robust gradient descent Matthew J. Holland 1 Kazushi Ikeda 2 1 Osaka University 2 Nara Institute of Science and Technology Distribution robustness In practice, the learner does not know what kind of data

893 views • 16 slides
Adversarially Robust Generalization Requires More Data Ludwig Schmidt Shibani Santurkar

Adversarially Robust Generalization Requires More Data Ludwig Schmidt Shibani Santurkar

Adversarially Robust Generalization Requires More Data Ludwig Schmidt Shibani Santurkar Dimitris Tsipras Poster #31 Kunal Talwar Aleksander M dry Adversarial Examples [Szegedy, Zaremba, Sutskever, Bruna, Erhan, Goodfellow,

2.52k views • 13 slides
Making the Most of Wi-Fi Op3misa3ons for Robust Wireless

Making the Most of Wi-Fi Op3misa3ons for Robust Wireless

Making the Most of Wi-Fi Op3misa3ons for Robust Wireless Live Music Performance Thomas Mitchell University of the West of England, Bristol, UK

383 views • 21 slides
HBF Planning Conference Richard McCarthy We want a system that produces a robust decision making

HBF Planning Conference Richard McCarthy We want a system that produces a robust decision making

HBF Planning Conference Richard McCarthy We want a system that produces a robust decision making framework A decision making framework that sets out a long term vision for places Balances/integrates economic, social and environmental

409 views • 17 slides
Making Deep Q-learning Approaches Robust to Time Discretization Corentin Tallec L eonard

Making Deep Q-learning Approaches Robust to Time Discretization Corentin Tallec L eonard

Making Deep Q-learning Approaches Robust to Time Discretization Corentin Tallec L eonard Blier Yann Ollivier Universit e Paris-Sud, Facebook AI Research June 4, 2019 C. Tallec et al. (UPSUD, FAIR) Framerate robust DQ Learning June 4,

335 views • 4 slides
Making Default Address Selection More Robust FoolProof

Making Default Address Selection More Robust FoolProof

Making Default Address Selection More Robust FoolProof draft-linkova-6man-default-addr-selection-update-00 Jen Linkova IETF99, Prague, July 2017 When Does a Host Stop Using an Address? Preferred lifetime expired An RA received

540 views • 14 slides
electrophysiology for robust decision making in CNS drug discovery programs Robert E. Petroski,

electrophysiology for robust decision making in CNS drug discovery programs Robert E. Petroski,

in vitro and in vivo electrophysiology for robust decision making in CNS drug discovery programs Robert E. Petroski, PhD MAY 28, 2020 WELCOME TO TODAYS WEBINAR! Marketing & Communication Manager Neuroservices-Alliance in CNS drug

440 views • 30 slides
making robust Bridging the Gap Between Standards and the Marketplace digital books Dave

making robust Bridging the Gap Between Standards and the Marketplace digital books Dave

making robust Bridging the Gap Between Standards and the Marketplace digital books Dave Cramer Phil Madans Hachette Book Group Monday, February 11, 13 first Case Study: L.A. Noire Monday, February 11, 13 ADE (and intended design)

407 views • 16 slides
Making Google Congestion Control Robust over Wi-Fi Networks Using Packet Grouping Applied

Making Google Congestion Control Robust over Wi-Fi Networks Using Packet Grouping Applied

Making Google Congestion Control Robust over Wi-Fi Networks Using Packet Grouping Applied Networking Research Workshop 2016 Berlin, Germany, July 2016 (PDF) G. Carlucci, L. De Cicco, S. Holmer*, S. Mascolo Politecnico di Bari, Italy, *Google

593 views • 23 slides
Decision-making under uncertainty: Robust approaches for adapting to climate change using

Decision-making under uncertainty: Robust approaches for adapting to climate change using

Decision-making under uncertainty: Robust approaches for adapting to climate change using afforestation as an example. Anita Wreford Anita Wreford and Ruth Dittrich Scion SRUC NZARES Conference Nelson 24-26 August Outline 1. Uncertainty in

405 views • 17 slides
Developmental Evaluation Preparing to integrate real-time feedback and robust sense- making into

Developmental Evaluation Preparing to integrate real-time feedback and robust sense- making into

15#04#09' Developmental Evaluation Preparing to integrate real-time feedback and robust sense- making into your adaptive work. April'14,'2015' Presented'by:' Jamie'Gamble,'Imprint'Consul@ng'' H ere to T here 1' 15#04#09' Our'Time'Today' '

651 views • 38 slides
Making deep neural networks robust to label noise: a loss correction approach Giorgio Patrini

Making deep neural networks robust to label noise: a loss correction approach Giorgio Patrini

Making deep neural networks robust to label noise: a loss correction approach Giorgio Patrini 23 July 2017 CVPR, Honolulu joint work with Alessandro Rozza, Aditya Krishna Menon, Richard Nock and Lizhen Qu ANU, Data61, Waynaut, University

508 views • 28 slides
SpamResist: Making Peer-to-Peer Tagging SpamResist: Making Peer-to-Peer Tagging Systems Robust to

SpamResist: Making Peer-to-Peer Tagging SpamResist: Making Peer-to-Peer Tagging Systems Robust to

SpamResist: Making Peer-to-Peer Tagging SpamResist: Making Peer-to-Peer Tagging Systems Robust to Spam Systems Robust to Spam Ennan Ennan Zhai, Zhai, Ruichuan Ruichuan Chen, Eng Keong hen, Eng Keong Lua* Lua* Long Zhang, Long Zhang,

648 views • 64 slides
Deep learning: Challenges in learning and generalization Tomas Mikolov, Facebook AI What is

Deep learning: Challenges in learning and generalization Tomas Mikolov, Facebook AI What is

Deep learning: Challenges in learning and generalization Tomas Mikolov, Facebook AI What is generalization? Memorization to remember all training examples (Universal Approximator) 2 + 3 = 5, 3 + 2 = 5, ... Generalization to

281 views • 14 slides
Generalization of Cycle-Covering Heuristics Clemens B uchner Department of Mathematics and

Generalization of Cycle-Covering Heuristics Clemens B uchner Department of Mathematics and

Generalization of Cycle-Covering Heuristics Masters Thesis Presentation Generalization of Cycle-Covering Heuristics Clemens B uchner Department of Mathematics and Computer Science University of Basel May 14, 2020 Generalization of

877 views • 54 slides
VC GENERALIZATION BOUND VC GENERALIZATION BOUND Matthieu Bloch March 12, 2020 1 LOGISTICS (AND

VC GENERALIZATION BOUND VC GENERALIZATION BOUND Matthieu Bloch March 12, 2020 1 LOGISTICS (AND

VC GENERALIZATION BOUND VC GENERALIZATION BOUND Matthieu Bloch March 12, 2020 1 LOGISTICS (AND BABY PICTURE) LOGISTICS (AND BABY PICTURE) Problem Set 4 Assigned very soon, but no work expected during Spring break Project proposal Deadline

372 views • 11 slides
CSC321 Lecture 9: Generalization Roger Grosse Roger Grosse CSC321 Lecture 9: Generalization 1 /

CSC321 Lecture 9: Generalization Roger Grosse Roger Grosse CSC321 Lecture 9: Generalization 1 /

CSC321 Lecture 9: Generalization Roger Grosse Roger Grosse CSC321 Lecture 9: Generalization 1 / 27 Overview Weve focused so far on how to optimize neural nets how to get them to make good predictions on the training set. How do we make

905 views • 27 slides
A generalization of unitaries T. S. S. R. K. Rao StatMath Unit Indian Statistical Institute

A generalization of unitaries T. S. S. R. K. Rao StatMath Unit Indian Statistical Institute

A generalization of unitaries T. S. S. R. K. Rao StatMath Unit Indian Statistical Institute R. V. College P.O. Bangalore 560059, India, E-mail : tss@isibang.ac.in Abstract: In this talk we give a new geometric generalization of the notion

504 views • 16 slides
decomposing generalization models of generic, habitual and episodic statements Venkata S

decomposing generalization models of generic, habitual and episodic statements Venkata S

decomposing generalization models of generic, habitual and episodic statements Venkata S Govindarajan, Benjamin Van Durme, Aaron Steven White Transactions of the ACL Volume 7, 2019 p.501-517 generalization 1 The service at that restaurant was

647 views • 63 slides
Robust Traffic Matrix Estimation with Imperfect Information: Making Use of Multiple Data Sources

Robust Traffic Matrix Estimation with Imperfect Information: Making Use of Multiple Data Sources

Robust Traffic Matrix Estimation with Imperfect Information: Making Use of Multiple Data Sources Qi Zhao, Georgia Institute of Technology Zihui Ge, AT&T Labs-Research Jia Wang, AT&T Labs-Research Jun (Jim) Xu, Georgia Institute of

261 views • 24 slides
The need for effective, efficient and robust communications is critical. Data is at the essence

The need for effective, efficient and robust communications is critical. Data is at the essence

The need for effective, efficient and robust communications is critical. Data is at the essence of what we do collection, evaluation, sharing these are all core to decision making whether it is part of the bridge team, the ashore side

352 views • 14 slides
Making Generative Classifiers Robust to Selection Bias Andrew Smith Charles Elkan November

Making Generative Classifiers Robust to Selection Bias Andrew Smith Charles Elkan November

Making Generative Classifiers Robust to Selection Bias Andrew Smith Charles Elkan November 30th, 2007 Outline What is selection bias? Types of selection bias. Overcoming learnable bias with weighting. Overcoming bias with

736 views • 59 slides
Local Substitutability for Sequence Generalization Fran cois Coste , Ga elle Garet , Jacques

Local Substitutability for Sequence Generalization Fran cois Coste , Ga elle Garet , Jacques

Biological Problem Generalization using Substitutability Generalization using Local Substitutability First Experiments Local Substitutability for Sequence Generalization Fran cois Coste , Ga elle Garet , Jacques Nicolas Dyliss

565 views • 41 slides
Collaboration on an ontology for generalization Nicholas Gould - Manchester Metropolitan

Collaboration on an ontology for generalization Nicholas Gould - Manchester Metropolitan

Collaboration on an ontology for generalization Nicholas Gould - Manchester Metropolitan University William Mackaness - University of Edinburgh Guillaume Touya - IGN Glen Hart - University of Nottingham 17th ICA Workshop on generalization and

490 views • 15 slides

More recommend