Ensembling Uncertainty Measures to Improve Safety of Black-Box Classifiers

• URL: http://arxiv.org/abs/2308.12065v1
• Date: Wed, 23 Aug 2023 11:24:28 GMT
• Title: Ensembling Uncertainty Measures to Improve Safety of Black-Box Classifiers
• Authors: Tommaso Zoppi, Andrea Ceccarelli, Andrea Bondavalli
• Abstract summary: SPROUT is a Safety wraPper thROugh ensembles of UncertainTy measures. It suspects misclassifications by computing uncertainty measures on the inputs and outputs of a black-box classifier. The resulting impact on safety is that SPROUT transforms erratic outputs (misclassifications) into data omission failures.
• Score: 3.130722489512822
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Machine Learning (ML) algorithms that perform classification may predict the wrong class, experiencing misclassifications. It is well-known that misclassifications may have cascading effects on the encompassing system, possibly resulting in critical failures. This paper proposes SPROUT, a Safety wraPper thROugh ensembles of UncertainTy measures, which suspects misclassifications by computing uncertainty measures on the inputs and outputs of a black-box classifier. If a misclassification is detected, SPROUT blocks the propagation of the output of the classifier to the encompassing system. The resulting impact on safety is that SPROUT transforms erratic outputs (misclassifications) into data omission failures, which can be easily managed at the system level. SPROUT has a broad range of applications as it fits binary and multi-class classification, comprising image and tabular datasets. We experimentally show that SPROUT always identifies a huge fraction of the misclassifications of supervised classifiers, and it is able to detect all misclassifications in specific cases. SPROUT implementation contains pre-trained wrappers, it is publicly available and ready to be deployed with minimal effort.

Related papers

• Conformal Predictions for Probabilistically Robust Scalable Machine Learning Classification [1.757077789361314]
  Conformal predictions make it possible to define reliable and robust learning algorithms. They are essentially a method for evaluating whether an algorithm is good enough to be used in practice. This paper defines a reliable learning framework for classification from the very beginning of its design.
  arXiv  Detail & Related papers  (2024-03-15T14:59:24Z)
• Credible Teacher for Semi-Supervised Object Detection in Open Scene [106.25850299007674]
  In Open Scene Semi-Supervised Object Detection (O-SSOD), unlabeled data may contain unknown objects not observed in the labeled data. It is detrimental to the current methods that mainly rely on self-training, as more uncertainty leads to the lower localization and classification precision of pseudo labels. We propose Credible Teacher, an end-to-end framework to prevent uncertain pseudo labels from misleading the model.
  arXiv  Detail & Related papers  (2024-01-01T08:19:21Z)
• Probabilistic Safety Regions Via Finite Families of Scalable Classifiers [2.431537995108158]
  Supervised classification recognizes patterns in the data to separate classes of behaviours. Canonical solutions contain misclassification errors that are intrinsic to the numerical approximating nature of machine learning. We introduce the concept of probabilistic safety region to describe a subset of the input space in which the number of misclassified instances is probabilistically controlled.
  arXiv  Detail & Related papers  (2023-09-08T22:40:19Z)
• Complementary Labels Learning with Augmented Classes [22.460256396941528]
  Complementary Labels Learning (CLL) arises in many real-world tasks such as private questions classification and online learning. We propose a novel problem setting called Complementary Labels Learning with Augmented Classes (CLLAC) By using unlabeled data, we propose an unbiased estimator of classification risk for CLLAC, which is guaranteed to be provably consistent.
  arXiv  Detail & Related papers  (2022-11-19T13:55:27Z)
• When in Doubt: Improving Classification Performance with Alternating Normalization [57.39356691967766]
  We introduce Classification with Alternating Normalization (CAN), a non-parametric post-processing step for classification. CAN improves classification accuracy for challenging examples by re-adjusting their predicted class probability distribution. We empirically demonstrate its effectiveness across a diverse set of classification tasks.
  arXiv  Detail & Related papers  (2021-09-28T02:55:42Z)
• SCRIB: Set-classifier with Class-specific Risk Bounds for Blackbox Models [48.374678491735665]
  We introduce Set-classifier with Class-specific RIsk Bounds (SCRIB) to tackle this problem. SCRIB constructs a set-classifier that controls the class-specific prediction risks with a theoretical guarantee. We validated SCRIB on several medical applications, including sleep staging on electroencephalogram (EEG) data, X-ray COVID image classification, and atrial fibrillation detection based on electrocardiogram (ECG) data.
  arXiv  Detail & Related papers  (2021-03-05T21:06:12Z)
• Binary Classification from Multiple Unlabeled Datasets via Surrogate Set Classification [94.55805516167369]
  We propose a new approach for binary classification from m U-sets for $mge2$. Our key idea is to consider an auxiliary classification task called surrogate set classification (SSC)
  arXiv  Detail & Related papers  (2021-02-01T07:36:38Z)
• Classification with Rejection Based on Cost-sensitive Classification [83.50402803131412]
  We propose a novel method of classification with rejection by ensemble of learning. Experimental results demonstrate the usefulness of our proposed approach in clean, noisy, and positive-unlabeled classification.
  arXiv  Detail & Related papers  (2020-10-22T14:05:05Z)
• Towards Probability-based Safety Verification of Systems with Components from Machine Learning [8.75682288556859]
  Safety verification of machine learning systems is currently thought to be infeasible or, at least, very hard. We think that it requires taking into account specific properties of ML technology such as: (i) Most ML approaches are inductive, which is both their power and their source of error. We propose verification based on probabilities of errors both estimated by controlled experiments and output by the inductively learned itself.
  arXiv  Detail & Related papers  (2020-03-02T19:31:37Z)
• Certified Robustness to Label-Flipping Attacks via Randomized Smoothing [105.91827623768724]
  Machine learning algorithms are susceptible to data poisoning attacks. We present a unifying view of randomized smoothing over arbitrary functions. We propose a new strategy for building classifiers that are pointwise-certifiably robust to general data poisoning attacks.
  arXiv  Detail & Related papers  (2020-02-07T21:28:30Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.