Timezone: »

 
Poster
Improving Certified Robustness via Statistical Learning with Logical Reasoning
Zhuolin Yang · Zhikuan Zhao · Boxin Wang · Jiawei Zhang · Linyi Li · Hengzhi Pei · Bojan Karlaš · Ji Liu · Heng Guo · Ce Zhang · Bo Li

Thu Dec 01 02:00 PM -- 04:00 PM (PST) @ Hall J #438

Intensive algorithmic efforts have been made to enable the rapid improvements of certificated robustness for complex ML models recently. However, current robustness certification methods are only able to certify under a limited perturbation radius. Given that existing pure data-driven statistical approaches have reached a bottleneck, in this paper, we propose to integrate statistical ML models with knowledge (expressed as logical rules) as a reasoning component using Markov logic networks (MLN), so as to further improve the overall certified robustness. This opens new research questions about certifying the robustness of such a paradigm, especially the reasoning component (e.g., MLN). As the first step towards understanding these questions, we first prove that the computational complexity of certifying the robustness of MLN is #P-hard. Guided by this hardness result, we then derive the first certified robustness bound for MLN by carefully analyzing different model regimes. Finally, we conduct extensive experiments on five datasets including both high-dimensional images and natural language texts, and we show that the certified robustness with knowledge-based logical reasoning indeed significantly outperforms that of the state-of-the-arts.

Author Information

Zhuolin Yang (University of Illinois at Urbana-Champaign)
Zhikuan Zhao (ETHZ - ETH Zurich)
Boxin Wang (Department of Computer Science, University of Illinois, Urbana Champaign)
Jiawei Zhang (University of Illinois, Urbana Champaign)
Linyi Li (University of Illinois Urbana-Champaign)

A Ph.D. candidate working on robust machine learning and verification.

Hengzhi Pei (University of Illinois, Urbana Champaign)
Bojan Karlaš (ETH Zurich)
Ji Liu (Kwai Inc.)
Heng Guo (School of Informatics, University of Edinburgh)
Ce Zhang (ETH Zurich)
Bo Li (UIUC)

More from the Same Authors