국립중앙도서관 "우편 복사 서비스"로 연결 됩니다.
Machine learning has achieved state-of-the-art performance in many areas, including image recognition and natural language processing. However, there are still many challenges and mysteries attracting numerous researchers. This dissertation comprises...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
https://www.riss.kr/link?id=T16616891
- 저자
-
발행사항
Ann Arbor : ProQuest Dissertations & Theses, 2021
-
학위수여대학
Harvard University Engineering and Applied Sciences - Computer Science
-
수여연도
2021
-
작성언어
영어
- 주제어
-
학위
Ph.D.
-
페이지수
232 p.
-
지도교수/심사위원
Advisor: Dwork, Cynthia.
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
Machine learning has achieved state-of-the-art performance in many areas, including image recognition and natural language processing. However, there are still many challenges and mysteries attracting numerous researchers. This dissertation comprises a series of works concerning problems at the intersection of computer science theory, adversarial robustness, generalization theory, and social science. The first part is to understand adversarial robustness from two perspectives: the efficiency of popular defense mechanisms against adversarial attacks and to understand how adversarial training trade-offs prediction accuracy to robustness. Specifically, in the first perspective, we investigate the popular defense mechanism that formulates adversarial training as robust optimization and trains with projected gradient descent. We study the non-concave landscape of the adversarial loss of a two-layer neural network. Our main result proves that the projected gradient ascent finds a local maximum of this non-concave problem in a polynomial number of iterations with high probability. In the second perspective, we introduce the Adversarial Influence Function (AIF) as a tool to investigate the solution produced by robust optimization. The proposed AIF enjoys a closed-form and can be calculated efficiently and is useful in quantifying the trade-off between accuracy and robustness.The second part is devoted to understanding generalization in modern learning. We investigate how a popular data augmentation scheme helps generalization and also develop a new notion of stability tailored for modern machine learning. Specifically, for data augmentation, we provide theoretical analysis to demonstrate how using Mixup in training helps model robustness and generalization. For robustness, we show that minimizing the Mixup loss corresponds to approximately minimizing an upper bound of the adversarial loss. This explains why models obtained by Mixup training exhibit robustness to several kinds of adversarial attacks such as the Fast Gradient Sign Method (FGSM). For generalization, we prove that Mixup augmentation corresponds to a specific type of data-adaptive regularization that reduces overfitting. Our analysis provides new insights and a framework to understand Mixup. For a new type of stability, we propose \\emph{locally elastic stability} as a weaker and distribution-dependent stability notion, which still yields exponential generalization bounds. We further demonstrate that locally elastic stability implies tighter generalization bounds than those derived based on uniform stability in many situations by revisiting the examples of bounded support vector machines (SVM), regularized least square regressions, and stochastic gradient descent (SGD).The final part is about fairness, where we initiate the study of the construction of \extit{scaffolding sets}, a small collection $\\cC$ of sets with the property that multi-calibration with respect to $\\cC$ ensures recovering predictors of individual probabilities accurately, and not just calibration, of the predictor. Our approach is inspired by the folk wisdom that the intermediate layers of a neural net learn a highly structured and useful data representation.
Machine learning has achieved state-of-the-art performance in many areas, including image recognition and natural language processing. However, there are still many challenges and mysteries attracting numerous researchers. This dissertation comprises a series of works concerning problems at the intersection of computer science theory, adversarial robustness, generalization theory, and social science. The first part is to understand adversarial robustness from two perspectives: the efficiency of popular defense mechanisms against adversarial attacks and to understand how adversarial training trade-offs prediction accuracy to robustness. Specifically, in the first perspective, we investigate the popular defense mechanism that formulates adversarial training as robust optimization and trains with projected gradient descent. We study the non-concave landscape of the adversarial loss of a two-layer neural network. Our main result proves that the projected gradient ascent finds a local maximum of this non-concave problem in a polynomial number of iterations with high probability. In the second perspective, we introduce the Adversarial Influence Function (AIF) as a tool to investigate the solution produced by robust optimization. The proposed AIF enjoys a closed-form and can be calculated efficiently and is useful in quantifying the trade-off between accuracy and robustness.The second part is devoted to understanding generalization in modern learning. We investigate how a popular data augmentation scheme helps generalization and also develop a new notion of stability tailored for modern machine learning. Specifically, for data augmentation, we provide theoretical analysis to demonstrate how using Mixup in training helps model robustness and generalization. For robustness, we show that minimizing the Mixup loss corresponds to approximately minimizing an upper bound of the adversarial loss. This explains why models obtained by Mixup training exhibit robustness to several kinds of adversarial attacks such as the Fast Gradient Sign Method (FGSM). For generalization, we prove that Mixup augmentation corresponds to a specific type of data-adaptive regularization that reduces overfitting. Our analysis provides new insights and a framework to understand Mixup. For a new type of stability, we propose \\emph{locally elastic stability} as a weaker and distribution-dependent stability notion, which still yields exponential generalization bounds. We further demonstrate that locally elastic stability implies tighter generalization bounds than those derived based on uniform stability in many situations by revisiting the examples of bounded support vector machines (SVM), regularized least square regressions, and stochastic gradient descent (SGD).The final part is about fairness, where we initiate the study of the construction of \extit{scaffolding sets}, a small collection $\\cC$ of sets with the property that multi-calibration with respect to $\\cC$ ensures recovering predictors of individual probabilities accurately, and not just calibration, of the predictor. Our approach is inspired by the folk wisdom that the intermediate layers of a neural net learn a highly structured and useful data representation.
분석정보
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
