Detecting Evasion Attacks in Deployed Tree Ensembles

Devos, Laurens; Perini, Lorenzo; Meert, Wannes; Davis, Jesse

doi:10.1007/978-3-031-43424-2_8

Cited by 3 publications

(8 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…VERITAS (Devos, Meert, and Davis 2021b) is a state-of-theart robustness verification approach. It reformulates the ad-…”

Section: Veritas: Approximate Search-based Tree Ensemble Verificationmentioning

confidence: 99%

“…For a positive base example, the problem is changed to minimize T prob 1 (x) with the constraint T prob 1 (x) < 0.5. While C(x) can represent more complex constraints (see Devos, Meert, and Davis (2021b)), for ease of presentation, we limit C(x) to box constraints like the ∞-norm, and to constraints on the ensemble's output. We call the box constraint the prune box PB.…”

Section: Veritas: Approximate Search-based Tree Ensemble Verificationmentioning

confidence: 99%

“…Previous work has reduced multiclass problems to multiple binary ones using a one-versus-other strategy (Chen et al 2019b;Zhang, Zhang, and Hsieh 2020;Devos, Meert, and Davis 2021b). 1 The one-versus-other strategy spawns C − 1 subproblems, each one contrasting the target class c with another class c ′ ̸ = c by creating a new ensemble T c-vs-c ′ (x) that outputs the difference between T raw c (x) and T raw c ′ (x), i.e., a binary classifier that outputs the positive class if T selects class c over c ′ .…”

Section: Multiclass Verification In Tree Ensemblesmentioning

confidence: 99%

“…This has spurred interest in developing approaches that are able to reason about learned ensembles to verify their robustness. A wide variety of approaches have been proposed for this task (Kantchelian, Tygar, and Joseph 2016;Devos, Meert, and Davis 2021b;Zhang, Zhang, and Hsieh 2020;Chen et al 2019b).…”

Section: Introductionmentioning

confidence: 99%

“…This paper addresses this gap by proposing a novel approach to verification in tree ensembles that directly operates in a multiclass setting. We take the approach of viewing robustness verification as a constrained optimization problem (Devos, Meert, and Davis 2021b) which can then be solved using a heuristic, anytime search. We generalize the optimization task to a multiclass setting and show that this yields four different classes of problems that are relevant.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Robustness Verification of Multi-Class Tree Ensembles

Devos,

Cascioli,

Davis

2024

AAAI

View full text Add to dashboard Cite

Tree ensembles are one of the most widely used model classes. However, these models are susceptible to adversarial examples, which are slightly perturbed examples that elicit a misprediction. There has been significant research on designing approaches to verify the robustness of tree ensembles to such attacks. However, existing verification algorithms for tree ensembles are only able to analyze binary classifiers and hence address multiclass problems by reducing them to binary ones using a one-versus-other strategy. In this paper, we show that naively applying this strategy can yield incorrect results in certain situations. We address this shortcoming by proposing a novel approximate heuristic approach to verification for multiclass tree ensembles. Our approach is based on a novel generalization of the verification task, which we show emits other relevant verification queries.

show abstract

“…VERITAS (Devos, Meert, and Davis 2021b) is a state-of-theart robustness verification approach. It reformulates the ad-…”

Section: Veritas: Approximate Search-based Tree Ensemble Verificationmentioning

confidence: 99%

Section: Veritas: Approximate Search-based Tree Ensemble Verificationmentioning

confidence: 99%

Section: Multiclass Verification In Tree Ensemblesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Robustness Verification of Multi-Class Tree Ensembles

Devos,

Cascioli,

Davis

2024

AAAI

View full text Add to dashboard Cite

show abstract

Machine learning with a reject option: a survey

Hendrickx,

Perini,

Van der Plas

et al. 2024

Mach Learn

View full text Add to dashboard Cite

Methodology and evaluation in sports analytics: challenges, approaches, and lessons learned

Davis,

Bransen,

Devos

et al. 2024

Mach Learn

View full text Add to dashboard Cite

There has been an explosion of data collected about sports. Because such data is extremely rich and complex, machine learning is increasingly being used to extract actionable insights from it. Typically, machine learning is used to build models and indicators that capture the skills, capabilities, and tendencies of athletes and teams. Such indicators and models are in turn used to inform decision-making at professional clubs. Designing these indicators requires paying careful attention to a number of subtle issues from a methodological and evaluation perspective. In this paper, we highlight these challenges in sports and discuss a variety of approaches for handling them. Methodologically, we highlight that dependencies affect how to perform data partitioning for evaluation as well as the need to consider contextual factors. From an evaluation perspective, we draw a distinction between evaluating the developed indicators themselves versus the underlying models that power them. We argue that both aspects must be considered, but that they require different approaches. We hope that this article helps bridge the gap between traditional sports expertise and modern data analytics by providing a structured framework with practical examples.

show abstract

Detecting Evasion Attacks in Deployed Tree Ensembles

Cited by 3 publications

References 38 publications

Robustness Verification of Multi-Class Tree Ensembles

Robustness Verification of Multi-Class Tree Ensembles

Machine learning with a reject option: a survey

Methodology and evaluation in sports analytics: challenges, approaches, and lessons learned

Contact Info

Product

Resources

About