Adversarially Robust Optimization with Gaussian Processes

TL;DR

This paper introduces StableOpt, a new Gaussian process optimization algorithm designed to find solutions that remain high-valued even under adversarial perturbations, with theoretical guarantees and real-world validation.

Contribution

The paper proposes StableOpt, a novel confidence-bound based algorithm for adversarially robust Gaussian process optimization, with rigorous sample complexity analysis and empirical validation.

Findings

StableOpt outperforms baseline methods in robustness against adversarial perturbations.

Theoretical guarantees on the sample complexity for near-optimal solutions.

Empirical results demonstrate effectiveness on real-world datasets.

Abstract

In this paper, we consider the problem of Gaussian process (GP) optimization with an added robustness requirement: The returned point may be perturbed by an adversary, and we require the function value to remain as high as possible even after this perturbation. This problem is motivated by settings in which the underlying functions during optimization and implementation stages are different, or when one is interested in finding an entire region of good inputs rather than only a single point. We show that standard GP optimization algorithms do not exhibit the desired robustness properties, and provide a novel confidence-bound based algorithm StableOpt for this purpose. We rigorously establish the required number of samples for StableOpt to find a near-optimal point, and we complement this guarantee with an algorithm-independent lower bound. We experimentally demonstrate several potential applications of interest using real-world data sets, and we show that StableOpt consistently succeeds in finding a stable maximizer where several baseline methods fail.