Adversarially Robust PAC Learnability of Real-Valued Functions

arXiv:2206.12977v3 Announce Type: replace
Abstract: We study robustness to test-time adversarial attacks in the regression setting with $\ell_p$ losses and arbitrary perturbation sets. We address the question of which function classes are PAC learnable in this setting. We show that classes of finite fat-shattering dimension are learnable in both realizable and agnostic settings. Moreover, for convex function classes, they are even properly learnable. In contrast, some non-convex function classes provably require improper learning algorithms. Our main technique is based on …

abstract adversarial adversarial attacks arxiv attacks cs.lg function functions losses question regression robust robustness show stat.ml study test type