Probing, Improving, and Verifying Machine Learning Model Robustness

Xiao, Kai Yuanqing

Author(s)

Xiao, Kai Yuanqing

DownloadThesis PDF (26.64Mb)

Advisor

Mądry, Aleksander

Terms of use

In Copyright - Educational Use Permitted Copyright MIT http://rightsstatements.org/page/InC-EDU/1.0/

Metadata

Show full item record

Abstract

Machine learning models turn out to be brittle when faced with distribution shifts, making them hard to rely on in real-world deployment. This motivates developing methods that enable us to detect and alleviate such model brittleness, as well as to verify that our models indeed meet desired robustness guarantees. This thesis presents a set of tools that help us detect model vulnerabilities and biases. This set comprises, on the one hand, a suite of new datasets that allow us to obtain a finer-grained understanding of model reliance on backgrounds. On the other hand, it involves 3DB, a framework that leverages photorealistic simulation, to probe model vulnerabilities to more varied distribution shifts. In addition to identifying these vulnerabilities, we discuss interventions that can make models more robust to distribution shifts, including using more training data. As we demonstrate, indiscriminately using more auxiliary data is not always beneficial, and we thus develop dataset projection, a method to choose the "right" auxiliary data to use. Finally, we show how to efficiently and formally verify that our models are robust to one of the most well-studied types of distribution shift: pixel-wise adversarial perturbations.

Date issued

2022-09

URI

https://hdl.handle.net/1721.1/147505

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Collections

Doctoral Theses