Transductive Robust Learning Guarantees

TL;DR

This paper introduces a transductive learning method that guarantees adversarial robustness with error bounds dependent on VC dimension, improving over inductive bounds but with a more restrictive optimality criterion.

Contribution

It presents a simple transductive learner that achieves robust error bounds linear in VC dimension, enhancing robustness guarantees in adversarial settings.

Findings

Robust error rate is linear in VC dimension.

Exponential improvement over inductive bounds.

Adaptive to perturbation complexity.

Abstract

We study the problem of adversarially robust learning in the transductive setting. For classes $\mathcal{H}$ of bounded VC dimension, we propose a simple transductive learner that when presented with a set of labeled training examples and a set of unlabeled test examples (both sets possibly adversarially perturbed), it correctly labels the test examples with a robust error rate that is linear in the VC dimension and is adaptive to the complexity of the perturbation set. This result provides an exponential improvement in dependence on VC dimension over the best known upper bound on the robust error in the inductive setting, at the expense of competing with a more restrictive notion of optimal robust error.