Robust Yet Efficient Conformal Prediction Sets

Soroush H. Zargarbashi; Mohammad Sadegh Akhondzadeh; Aleksandar; Bojchevski

arXiv:2407.09165·cs.LG·July 15, 2024

Robust Yet Efficient Conformal Prediction Sets

Soroush H. Zargarbashi, Mohammad Sadegh Akhondzadeh, Aleksandar, Bojchevski

PDF

Open Access 1 Repo

TL;DR

This paper introduces a method to create robust conformal prediction sets that maintain coverage guarantees even under adversarial attacks, improving efficiency and applicability across data types.

Contribution

It derives provably robust conformal prediction sets with tighter bounds, addressing both evasion and poisoning attacks for continuous and discrete data.

Findings

01

Robust sets maintain coverage under adversarial attacks.

02

Tighter bounds lead to more efficient prediction sets.

03

Applicable to both feature and label perturbations.

Abstract

Conformal prediction (CP) can convert any model's output into prediction sets guaranteed to include the true label with any user-specified probability. However, same as the model itself, CP is vulnerable to adversarial test examples (evasion) and perturbed calibration data (poisoning). We derive provably robust sets by bounding the worst-case change in conformity scores. Our tighter bounds lead to more efficient sets. We cover both continuous and discrete (sparse) data and our guarantees work both for evasion and poisoning attacks (on both features and labels).

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Code & Models

Repositories

soroushzargar/cas
pytorchOfficial

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsNeural Networks and Applications · Face and Expression Recognition