# A Fundamental Performance Limitation for Adversarial Classification

**Authors:** Abed AlRahman Al Makdah, Vaibhav Katewa, and Fabio Pasqualetti

arXiv: 1903.01032 · 2019-03-18

## TL;DR

This paper proves a fundamental tradeoff in adversarial classification, showing that optimizing accuracy inherently increases sensitivity to data manipulation, and this tradeoff is dictated solely by data statistics, not algorithm tuning.

## Contribution

It establishes a formal, fundamental limit on the accuracy-sensitivity tradeoff in adversarial classification, independent of specific algorithm choices.

## Key findings

- Accuracy-sensitivity tradeoff is unavoidable in adversarial settings.
- The tradeoff depends only on data statistics, not on algorithm complexity.
- Tuning algorithms cannot surpass this fundamental limit.

## Abstract

Despite the widespread use of machine learning algorithms to solve problems of technological, economic, and social relevance, provable guarantees on the performance of these data-driven algorithms are critically lacking, especially when the data originates from unreliable sources and is transmitted over unprotected and easily accessible channels. In this paper we take an important step to bridge this gap and formally show that, in a quest to optimize their accuracy, binary classification algorithms -- including those based on machine-learning techniques -- inevitably become more sensitive to adversarial manipulation of the data. Further, for a given class of algorithms with the same complexity (i.e., number of classification boundaries), the fundamental tradeoff curve between accuracy and sensitivity depends solely on the statistics of the data, and cannot be improved by tuning the algorithm.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1903.01032/full.md

## Figures

3 figures with captions in the complete paper: https://tomesphere.com/paper/1903.01032/full.md

## References

17 references — full list in the complete paper: https://tomesphere.com/paper/1903.01032/full.md

---
Source: https://tomesphere.com/paper/1903.01032