Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Evaluating Black-Box Vulnerabilities with Wasserstein-Constrained Data Perturbations

Adriana Laurindo Monteiro, Jean-Michel Loubes

Abstract

The massive use of Machine Learning (ML) tools in industry comes with critical challenges, such as the lack of explainable models and the use of black-box algorithms. We address this issue by applying Optimal Transport theory in the analysis of responses of ML models to variations in the distribution of input variables. We find the closest distribution, in the Wasserstein sense, that satisfies a given constraintt and examine its impact on model behavior. Furthermore, we establish convergence results for this projected distribution and demonstrate our approach using examples and real-world datasets in both regression and classification settings.

Evaluating Black-Box Vulnerabilities with Wasserstein-Constrained Data Perturbations

Abstract

The massive use of Machine Learning (ML) tools in industry comes with critical challenges, such as the lack of explainable models and the use of black-box algorithms. We address this issue by applying Optimal Transport theory in the analysis of responses of ML models to variations in the distribution of input variables. We find the closest distribution, in the Wasserstein sense, that satisfies a given constraintt and examine its impact on model behavior. Furthermore, we establish convergence results for this projected distribution and demonstrate our approach using examples and real-world datasets in both regression and classification settings.
Paper Structure (31 sections, 12 theorems, 71 equations, 4 figures)

This paper contains 31 sections, 12 theorems, 71 equations, 4 figures.

Table of Contents

  1. Introduction
  2. Related work
  3. Distributionally robust optimization.
  4. Global Sensitivity Analysis and Stress Testing.
  5. Model Explainability via Distributional Perturbations.
  6. Methodology
  7. Results and organization of the paper
  8. Theoretical background
  9. Existence theorem
  10. Consistency
  11. Practical computations
  12. Dual formulation
  13. Applications to Machine Learning
  14. Explainable models with Wasserstein projection
  15. Experiments
  16. ...and 16 more sections

Key Result

Theorem 2.1

For $y\in{\mathbb{R}}^d$, let $T_\lambda(y)\in {\rm arg}\min_{x} \left\{\|x-y\|^2-\lambda^T \Phi(x) \right\}$. Then $P^*$ is an optimal solution to P if, and only if, it is defined as $P^*= {T_\lambda}_\#Q$ where

Figures (4)

  • Figure 1: Impact of feature Age in portion of predicted 1's.
  • Figure 2: Multiple mean changes impact on higher income ($\geq$50k). As $\tau$ increases (respectively decreases), the values of the selected feature increases (respectively decreases). $\tau = 0$ means no projection.
  • Figure 3: Disparate Impact for different mean changes. The red star represents the DI of the original dataset and the vertical bars denote the confidence interval.
  • Figure 4: (Top - Average price) average of price predicted for projected datasets with respect to $\tau$. (Bottom - Price variance) with respect to $\tau$. There is no projection when $\tau=0$. The higher (respectively lower) value for $\tau$, the higher (respectively lower) the value of the feature.

Theorems & Definitions (22)

  • Theorem 2.1
  • Proposition 2.1
  • Proposition 2.2
  • Remark 2.1
  • Remark 2.2
  • Theorem 2.2
  • Example 2.1
  • Corollary 2.1
  • Theorem 3.1
  • Theorem 3.2
  • ...and 12 more