Probing, Improving, and Verifying Machine Learning Model Robustness

• dc.contributor.advisor: Mądry, Aleksander
• dc.contributor.author: Xiao, Kai Yuanqing
• dc.date.issued: 2022-09
• dc.date.submitted: 2022-10-19T19:11:15.537Z
• dc.identifier.uri: https://hdl.handle.net/1721.1/147505
• dc.description.abstract: Machine learning models turn out to be brittle when faced with distribution shifts, making them hard to rely on in real-world deployment. This motivates developing methods that enable us to detect and alleviate such model brittleness, as well as to verify that our models indeed meet desired robustness guarantees. This thesis presents a set of tools that help us detect model vulnerabilities and biases. This set comprises, on the one hand, a suite of new datasets that allow us to obtain a finer-grained understanding of model reliance on backgrounds. On the other hand, it involves 3DB, a framework that leverages photorealistic simulation, to probe model vulnerabilities to more varied distribution shifts. In addition to identifying these vulnerabilities, we discuss interventions that can make models more robust to distribution shifts, including using more training data. As we demonstrate, indiscriminately using more auxiliary data is not always beneficial, and we thus develop dataset projection, a method to choose the "right" auxiliary data to use. Finally, we show how to efficiently and formally verify that our models are robust to one of the most well-studied types of distribution shift: pixel-wise adversarial perturbations.
• dc.publisher: Massachusetts Institute of Technology
• dc.type: Thesis
• dc.description.degree: Ph.D.
• dc.contributor.department: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
• mit.thesis.degree: Doctoral
• thesis.degree.name: Doctor of Philosophy