We develop a Distributionally Robust Optimization (DRO) formulation for Multiclass Logistic Regression (MLR), which could tolerate data contaminated by outliers. The DRO framework uses a probabilistic ambiguity set defined as a ball of distributions that are close to the empirical distribution of the training set in the sense of the Wasserstein metric. We relax the DRO formulation into a regularized learning problem whose regularizer is a norm of the coefficient matrix. We establish out-of-sample performance guarantees for the solutions to our model, offering insights on the role of the regularizer in controlling the prediction error. We apply the proposed method in rendering deep Vision Transformer (ViT)-based image classifiers robust to random and adversarial attacks. Specifically, using the MNIST and CIFAR-10 datasets, we demonstrate reductions in test error rate by up to 83.5% and loss by up to 91.3% compared with baseline methods, by adopting a novel random training method.

翻译：我们提出了一种用于多类逻辑回归（MLR）的分布鲁棒优化（DRO）公式，该公式能够容忍由离群点污染的数据。DRO框架使用一个概率模糊性集，该集合定义为在Wasserstein度量意义上接近训练集经验分布的分布球。我们将DRO公式松弛为一个正则化学习问题，其正则化项是系数矩阵的范数。我们为模型解建立了样本外性能保证，揭示了正则化项在控制预测误差中的作用。我们将所提出的方法应用于使基于深度视觉Transformer（ViT）的图像分类器对随机和对抗攻击具有鲁棒性。具体来说，使用MNIST和CIFAR-10数据集，通过采用一种新颖的随机训练方法，与基线方法相比，我们在测试错误率上实现了高达83.5%的降低，在损失上实现了高达91.3%的降低。