Exploring the Landscape of Spatial Robustness

Engstrom, Logan; Tran, Brandon; Tsipras, Dimitris; Schmidt, Ludwig; Madry, Aleksander

doi:10.48550/arxiv.1712.02779

Cited by 10 publications

(14 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Improving the generalization of deep learning models has become a major research topic, with many different threads of research including Bayesian deep learning (Neal, 1996;Gal, 2016), adversarial (Engstrom et al, 2019;Jacobsen et al, 2018) and non-adversarial (Hendrycks & Dietterich, 2019;Yin et al, 2019) robustness, causality (Arjovsky et al, 2019), and other works aimed at distinguishing statistical features from semantic features (Gowal et al, 2019;Geirhos et al, 2018). While neural networks often exhibit superhuman generalization performance on the training distribution, they can be extremely sensitive to minute changes in distribution (Su et al, 2019;Engstrom et al, 2017; In this work, we consider out-of-distribution (OoD) generalization, where a model must generalize to new distributions at test time without seeing any training data from them. We assume a fixed underlying task, and access to labeled data from multiple training environments.…”

Section: Introductionmentioning

confidence: 99%

Out-of-Distribution Generalization via Risk Extrapolation (REx)

Krueger,

Caballero,

Jacobsen

et al. 2020

Preprint

113

View full text Add to dashboard Cite

Generalizing outside of the training distribution is an open challenge for current machine learning systems. A weak form of out-of-distribution (OoD) generalization is the ability to successfully interpolate between multiple observed distributions. One way to achieve this is through robust optimization, which seeks to minimize the worstcase risk over convex combinations of the training distributions. However, a much stronger form of OoD generalization is the ability of models to extrapolate beyond the distributions observed during training. In pursuit of strong OoD generalization, we introduce the principle of Risk Extrapolation (REx). REx can be viewed as encouraging robustness over affine combinations of training risks, by encouraging strict equality between training risks. We show conceptually how this principle enables extrapolation, and demonstrate the effectiveness and scalability of instantiations of REx on various OoD generalization tasks. Our code can be found at https://github.com/capybaralet/ REx_code_release.

show abstract

Section: Introductionmentioning

confidence: 99%

Out-of-Distribution Generalization via Risk Extrapolation (REx)

Krueger,

Caballero,

Jacobsen

et al. 2020

Preprint

113

View full text Add to dashboard Cite

show abstract

“…• (Adversarial examples) We find, using human intuition or an automated method, a rotated version of a training image that the model classifies incorrectly, despite being correct on the unrotated image. ⇒ The model is not rotation invariant, and will likely misclassify rotated versions of other images [27].…”

Section: Examples Of Interactive Behavior Certificatesmentioning

confidence: 99%

Trust in AI: Interpretability is not necessary or sufficient, while black-box interaction is necessary and sufficient

Shen¹

2022

Preprint

View full text Add to dashboard Cite

The problem of human trust in artificial intelligence is one of the most fundamental problems in applied machine learning. Our processes for evaluating AI trustworthiness have substantial ramifications for ML's impact on science, health, and humanity, yet confusion surrounds foundational concepts. What does it mean to trust an AI, and how do humans assess AI trustworthiness? What are the mechanisms for building trustworthy AI? And what is the role of interpretable ML in trust?Here, we draw from statistical learning theory and sociological lenses on human-automation trust to motivate an AI-as-tool framework, which distinguishes human-AI trust from human-AI-human trust. Evaluating an AI's contractual trustworthiness involves predicting future model behavior using behavior certificates (BCs) that aggregate behavioral evidence from diverse sources including empirical out-of-distribution and out-of-task evaluation and theoretical proofs linking model architecture to behavior.We clarify the role of interpretability in trust with a ladder of model access. Interpretability (level 3) is not necessary or even sufficient for trust, while the ability to run a black-box model at-will (level 2) is necessary and sufficient. While interpretability can offer benefits for trust, it can also incur costs. We clarify ways interpretability can contribute to trust, while questioning the perceived centrality of interpretability to trust in popular discourse.How can we empower people with tools to evaluate trust? Instead of trying to understand how a model works, we argue for understanding how a model behaves. Instead of opening up black boxes, we should create more behavior certificates that are more correct, relevant, and understandable. We discuss how to build trusted and trustworthy AI responsibly with contract-aware model design, robustness testing, and favoring trust calibration over maximization. CCS Concepts: • Computing methodologies → Artificial intelligence; • Social and professional topics → Computing / technology policy; • Human-centered computing → Interaction design theory, concepts and paradigms.

show abstract

“…Figure 1.6) (Beery, van Horn, and Perona, 2018), object pose (Alcorn, Li, Gong et al, 2019) or texture (Geirhos, Rubisch, Michaelis et al, 2018). Their performance also worsens when small rotations and translations are applied to the image (Engstrom, Tran, Tsipras et al, 2019) as well as corruptions and distortions (Dodge and Karam, 2017;Geirhos, Medina Temme, Rauber et al, 2018;Hendrycks and Dietterich, 2019).…”

Section: Why Do Deep Neural Network Generalize So Poorly?mentioning

confidence: 99%