Decision making and learning in the presence of uncertainty have attracted significant attention in view of the increasing need to achieve robust and reliable operations. Where the uncertainty stems from adversarial attacks, this need becomes even more prominent. In this paper we focus on linear and nonlinear classification problems and propose a novel adversarial training method for robust classifiers, inspired by Support Vector Machine (SVM) margins. We view robustness through a data-driven lens and derive finite-sample complexity bounds for both linear and non-linear classifiers in binary and multi-class scenarios. Notably, our bounds match the complexity of natural (non-robust) classifiers. Our algorithm minimizes a worst-case surrogate loss using Linear Programming (LP) for linear models and Second Order Cone Programming (SOCP) for non-linear models. Numerical experiments on the benchmark MNIST and CIFAR10 datasets show that our approach performs comparably to state-of-the-art methods without needing adversarial examples during training. Our work offers a comprehensive framework for enhancing the robustness of binary linear and non-linear classifiers, embedding robustness in learning under the presence of adversaries.
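The following is an added illustration, not code from the paper or its authors, of the kind of worst-case surrogate loss the abstract describes for the linear case. It assumes a hinge surrogate and an adversary restricted to an l_inf ball of radius eps (the paper's exact norm and surrogate are not stated in the abstract); under those assumptions the worst-case hinge loss has the closed form max(0, 1 - y(w.x + b) + eps*||w||_1), which is why the linear problem is an LP. The block checks that closed form against brute-force enumeration of the box corners and trains a robust linear classifier on constructed 2-D data by plain subgradient descent (a dependency-free stand-in for the LP solve), so that robust accuracy can be compared with a naturally trained model without ever generating adversarial examples.

```python
import itertools

# Constructed toy data (not from the paper): two well-separated 2-D clusters, labels in {-1,+1}.
X = [(2.0, 2.0), (2.3, 1.8), (1.7, 2.2), (2.1, 2.4), (1.8, 1.7), (2.4, 2.1),
     (-2.0, -2.0), (-2.3, -1.8), (-1.7, -2.2), (-2.1, -2.4), (-1.8, -1.7), (-2.4, -2.1)]
Y = [1] * 6 + [-1] * 6


def dot(u, v):
    return sum(a * b for a, b in zip(u, v))


def l1(u):
    return sum(abs(a) for a in u)


def sign(a):
    return (a > 0) - (a < 0)


def worst_case_hinge(w, b, x, y, eps):
    """Hinge loss under the adversary's best l_inf perturbation of radius eps (closed form).
    The adversary lowers the margin y*(w.x+b) by at most eps*||w||_1, and can always achieve it."""
    return max(0.0, 1.0 - y * (dot(w, x) + b) + eps * l1(w))


def brute_force_hinge(w, b, x, y, eps):
    """Same quantity by enumerating the 2^d corners of the l_inf box; valid because the loss is
    convex in the perturbation, so its maximum over the box is attained at a corner."""
    best = 0.0
    for delta in itertools.product((-eps, eps), repeat=len(x)):
        xp = [xi + di for xi, di in zip(x, delta)]
        best = max(best, max(0.0, 1.0 - y * (dot(w, xp) + b)))
    return best


def train_robust_linear(X, Y, eps, lam=0.01, lr=0.05, epochs=200):
    """Subgradient descent on  sum_i worst_case_hinge_i + lam/2 * ||w||^2.
    Assumption: the paper solves this objective as an LP; this is a dependency-free stand-in.
    eps=0 recovers ordinary (natural) hinge-loss training."""
    d = len(X[0])
    w = [0.0] * d
    b = 0.0
    for _ in range(epochs):
        for x, y in zip(X, Y):
            active = 1.0 - y * (dot(w, x) + b) + eps * l1(w) > 0  # hinge term is nonzero
            for j in range(d):
                g = lam * w[j]
                if active:
                    g += -y * x[j] + eps * sign(w[j])  # subgradient of -y*w.x + eps*||w||_1
                w[j] -= lr * g
            if active:
                b -= lr * (-y)
    return w, b


def robust_accuracy(w, b, X, Y, eps):
    """Fraction of points whose label survives every l_inf perturbation of radius eps:
    certified correct iff the worst-case margin y*(w.x+b) - eps*||w||_1 is positive."""
    ok = sum(1 for x, y in zip(X, Y) if y * (dot(w, x) + b) - eps * l1(w) > 0)
    return ok / len(X)


if __name__ == "__main__":
    w_nat, b_nat = train_robust_linear(X, Y, eps=0.0)   # natural classifier
    w_rob, b_rob = train_robust_linear(X, Y, eps=0.5)   # robust classifier
    for eps in (0.0, 0.5, 1.0):
        print(f"eps={eps}: natural={robust_accuracy(w_nat, b_nat, X, Y, eps):.2f} "
              f"robust={robust_accuracy(w_rob, b_rob, X, Y, eps):.2f}")
```

The closed-form term eps*||w||_1 is what makes the robust objective piecewise linear in (w, b): each hinge becomes a linear constraint with a slack variable once ||w||_1 is split into positive and negative parts, so an off-the-shelf LP solver can replace the subgradient loop used here. Because certification only needs the worst-case margin, no adversarial examples are ever constructed during training or evaluation.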