Ensembling Uncertainty Measures to Improve Safety of Black-Box
Classifiers
- URL: http://arxiv.org/abs/2308.12065v1
- Date: Wed, 23 Aug 2023 11:24:28 GMT
- Title: Ensembling Uncertainty Measures to Improve Safety of Black-Box
Classifiers
- Authors: Tommaso Zoppi, Andrea Ceccarelli, Andrea Bondavalli
- Abstract summary: SPROUT is a Safety wraPper thROugh ensembles of UncertainTy measures.
It suspects misclassifications by computing uncertainty measures on the inputs and outputs of a black-box classifier.
The resulting impact on safety is that SPROUT transforms erratic outputs (misclassifications) into data omission failures.
- Score: 3.130722489512822
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Machine Learning (ML) algorithms that perform classification may predict the
wrong class, experiencing misclassifications. It is well-known that
misclassifications may have cascading effects on the encompassing system,
possibly resulting in critical failures. This paper proposes SPROUT, a Safety
wraPper thROugh ensembles of UncertainTy measures, which suspects
misclassifications by computing uncertainty measures on the inputs and outputs
of a black-box classifier. If a misclassification is detected, SPROUT blocks
the propagation of the output of the classifier to the encompassing system. The
resulting impact on safety is that SPROUT transforms erratic outputs
(misclassifications) into data omission failures, which can be easily managed
at the system level. SPROUT has a broad range of applications as it fits binary
and multi-class classification, comprising image and tabular datasets. We
experimentally show that SPROUT always identifies a huge fraction of the
misclassifications of supervised classifiers, and it is able to detect all
misclassifications in specific cases. SPROUT implementation contains
pre-trained wrappers, it is publicly available and ready to be deployed with
minimal effort.
Related papers
- Collaborative Feature-Logits Contrastive Learning for Open-Set Semi-Supervised Object Detection [75.02249869573994]
In open-set scenarios, the unlabeled dataset contains both in-distribution (ID) classes and out-of-distribution (OOD) classes.
Applying semi-supervised detectors in such settings can lead to misclassifying OOD class as ID classes.
We propose a simple yet effective method, termed Collaborative Feature-Logits Detector (CFL-Detector)
arXiv Detail & Related papers (2024-11-20T02:57:35Z) - Credible Teacher for Semi-Supervised Object Detection in Open Scene [106.25850299007674]
In Open Scene Semi-Supervised Object Detection (O-SSOD), unlabeled data may contain unknown objects not observed in the labeled data.
It is detrimental to the current methods that mainly rely on self-training, as more uncertainty leads to the lower localization and classification precision of pseudo labels.
We propose Credible Teacher, an end-to-end framework to prevent uncertain pseudo labels from misleading the model.
arXiv Detail & Related papers (2024-01-01T08:19:21Z) - Probabilistic Safety Regions Via Finite Families of Scalable Classifiers [2.431537995108158]
Supervised classification recognizes patterns in the data to separate classes of behaviours.
Canonical solutions contain misclassification errors that are intrinsic to the numerical approximating nature of machine learning.
We introduce the concept of probabilistic safety region to describe a subset of the input space in which the number of misclassified instances is probabilistically controlled.
arXiv Detail & Related papers (2023-09-08T22:40:19Z) - Complementary Labels Learning with Augmented Classes [22.460256396941528]
Complementary Labels Learning (CLL) arises in many real-world tasks such as private questions classification and online learning.
We propose a novel problem setting called Complementary Labels Learning with Augmented Classes (CLLAC)
By using unlabeled data, we propose an unbiased estimator of classification risk for CLLAC, which is guaranteed to be provably consistent.
arXiv Detail & Related papers (2022-11-19T13:55:27Z) - When in Doubt: Improving Classification Performance with Alternating
Normalization [57.39356691967766]
We introduce Classification with Alternating Normalization (CAN), a non-parametric post-processing step for classification.
CAN improves classification accuracy for challenging examples by re-adjusting their predicted class probability distribution.
We empirically demonstrate its effectiveness across a diverse set of classification tasks.
arXiv Detail & Related papers (2021-09-28T02:55:42Z) - Binary Classification from Multiple Unlabeled Datasets via Surrogate Set
Classification [94.55805516167369]
We propose a new approach for binary classification from m U-sets for $mge2$.
Our key idea is to consider an auxiliary classification task called surrogate set classification (SSC)
arXiv Detail & Related papers (2021-02-01T07:36:38Z) - Classification with Rejection Based on Cost-sensitive Classification [83.50402803131412]
We propose a novel method of classification with rejection by ensemble of learning.
Experimental results demonstrate the usefulness of our proposed approach in clean, noisy, and positive-unlabeled classification.
arXiv Detail & Related papers (2020-10-22T14:05:05Z) - Towards Probability-based Safety Verification of Systems with Components
from Machine Learning [8.75682288556859]
Safety verification of machine learning systems is currently thought to be infeasible or, at least, very hard.
We think that it requires taking into account specific properties of ML technology such as: (i) Most ML approaches are inductive, which is both their power and their source of error.
We propose verification based on probabilities of errors both estimated by controlled experiments and output by the inductively learned itself.
arXiv Detail & Related papers (2020-03-02T19:31:37Z) - Certified Robustness to Label-Flipping Attacks via Randomized Smoothing [105.91827623768724]
Machine learning algorithms are susceptible to data poisoning attacks.
We present a unifying view of randomized smoothing over arbitrary functions.
We propose a new strategy for building classifiers that are pointwise-certifiably robust to general data poisoning attacks.
arXiv Detail & Related papers (2020-02-07T21:28:30Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.