Developing simple, sample-efficient learning algorithms for robust classification is a pressing issue in today's tech-dominated world, and current theoretical techniques requiring exponential sample complexity and complicated improper learning rules fall far from answering the need. In this work we study the fundamental paradigm of (robust) $\textit{empirical risk minimization}$ (RERM), a simple process in which the learner outputs any hypothesis minimizing its training error. RERM famously fails to robustly learn VC classes (Montasser et al., 2019a), a bound we show extends even to `nice' settings such as (bounded) halfspaces. As such, we study a recent relaxation of the robust model called $\textit{tolerant}$ robust learning (Ashtiani et al., 2022) where the output classifier is compared to the best achievable error over slightly larger perturbation sets. We show that under geometric niceness conditions, a natural tolerant variant of RERM is indeed sufficient for $\gamma$-tolerant robust learning VC classes over $\mathbb{R}^d$, and requires only $\tilde{O}\left( \frac{VC(H)d\log \frac{D}{\gamma\delta}}{\epsilon^2}\right)$ samples for robustness regions of (maximum) diameter $D$.

翻译：开发用于鲁棒分类的简单、样本高效学习算法是当今技术主导世界中的紧迫问题，而当前需要指数级样本复杂度和复杂不当学习规则的理论技术远未能满足这一需求。在本工作中，我们研究了（鲁棒）经验风险最小化（RERM）这一基本范式，这是一种学习器输出任何最小化其训练误差的假设的简单过程。RERM 以无法鲁棒地学习 VC 类而闻名（Montasser 等人，2019a），我们证明这一局限甚至扩展到“良好”设置，如有界半空间。因此，我们研究了鲁棒模型的一个近期松弛版本，称为容忍鲁棒学习（Ashtiani 等人，2022），其中输出分类器与在略大扰动集上可实现的最佳误差进行比较。我们证明，在几何良性条件下，RERM 的一种自然容忍变体足以在 $\mathbb{R}^d$ 上实现 $\gamma$-容忍鲁棒学习 VC 类，并且对于（最大）直径为 $D$ 的鲁棒区域，仅需 $\tilde{O}\left( \frac{VC(H)d\log \frac{D}{\gamma\delta}}{\epsilon^2}\right)$ 个样本。