Quantifying probabilistic robustness of tree-based classifiers against natural distortions

TL;DR

This paper introduces a method to precisely quantify the probabilistic robustness of tree-based classifiers against natural distortions in input data, assuming these distortions follow multivariate normal distributions.

Contribution

It presents an exact robustness measure for tree-based classifiers under natural distortions, improving upon previous approximate methods and applicable to high-dimensional data.

Findings

Provides an exact probabilistic robustness measure for tree classifiers.

Applicable to high-dimensional input data with natural distortions.

Improves reliability of robustness assessment in trustworthy AI.

Abstract

The concept of trustworthy AI has gained widespread attention lately. One of the aspects relevant to trustworthy AI is robustness of ML models. In this study, we show how to probabilistically quantify robustness against naturally occurring distortions of input data for tree-based classifiers under the assumption that the natural distortions can be described by multivariate probability distributions that can be transformed to multivariate normal distributions. The idea is to extract the decision rules of a trained tree-based classifier, separate the feature space into non-overlapping regions and determine the probability that a data sample with distortion returns its predicted label. The approach is based on the recently introduced measure of real-world-robustness, which works for all black box classifiers, but is only an approximation and only works if the input dimension is not too high, whereas our proposed method gives an exact measure.