Robusta: Robust AutoML for Feature Selection via Reinforcement Learning

TL;DR

Robusta is a novel AutoML framework that uses reinforcement learning to select features, enhancing model robustness against adversarial attacks while maintaining accuracy, addressing a critical need in mission-critical applications.

Contribution

This paper introduces the first robust AutoML framework, Robusta, which optimizes feature selection for both accuracy and robustness using reinforcement learning and heuristic acceleration techniques.

Findings

Improves model robustness by up to 22% against adversarial attacks.

Maintains competitive accuracy on benign samples.

Employs RL-based combinatorial search with heuristic feature scoring.

Abstract

Several AutoML approaches have been proposed to automate the machine learning (ML) process, such as searching for the ML model architectures and hyper-parameters. However, these AutoML pipelines only focus on improving the learning accuracy of benign samples while ignoring the ML model robustness under adversarial attacks. As ML systems are increasingly being used in a variety of mission-critical applications, improving the robustness of ML systems has become of utmost importance. In this paper, we propose the first robust AutoML framework, Robusta--based on reinforcement learning (RL)--to perform feature selection, aiming to select features that lead to both accurate and robust ML systems. We show that a variation of the 0-1 robust loss can be directly optimized via an RL-based combinatorial search in the feature selection scenario. In addition, we employ heuristics to accelerate the search procedure based on feature scoring metrics, which are mutual information scores, tree-based classifiers feature importance scores, F scores, and Integrated Gradient (IG) scores, as well as their combinations. We conduct extensive experiments and show that the proposed framework is able to improve the model robustness by up to 22% while maintaining competitive accuracy on benign samples compared with other feature selection methods.