We put forward a novel learning methodology for ensembles of decision trees based on a genetic algorithm that is able to train a decision tree for maximizing both its accuracy and its robustness to adversarial perturbations. This learning algorithm internally leverages a complete formal verification technique for robustness properties of decision trees based on abstract interpretation, a well-known static program analysis technique. We implemented this genetic adversarial training algorithm in a tool called MetaSilvae and we experimentally evaluated it on some standard reference datasets used in adversarial training. The experimental results show that MetaSilvae is able to train robust models that compete with and often improve on the current state-of-the-art of adversarial training of decision trees while being much more compact and therefore interpretable and efficient tree models.

Genetic adversarial training of decision trees

Ranzato F.
;Zanella M.
2021

Abstract

We put forward a novel learning methodology for ensembles of decision trees based on a genetic algorithm that is able to train a decision tree for maximizing both its accuracy and its robustness to adversarial perturbations. This learning algorithm internally leverages a complete formal verification technique for robustness properties of decision trees based on abstract interpretation, a well-known static program analysis technique. We implemented this genetic adversarial training algorithm in a tool called MetaSilvae and we experimentally evaluated it on some standard reference datasets used in adversarial training. The experimental results show that MetaSilvae is able to train robust models that compete with and often improve on the current state-of-the-art of adversarial training of decision trees while being much more compact and therefore interpretable and efficient tree models.
2021
GECCO 2021 - Proceedings of the 2021 Genetic and Evolutionary Computation Conference
2021 Genetic and Evolutionary Computation Conference, GECCO 2021
WOS:000773791800044
2-s2.0-85110127624
9781450383509
04.01 - Contributo in atti di convegno
File in questo prodotto:
File Dimensione Formato  
cameraready.pdf

accesso aperto

Tipologia: Postprint (accepted version)
Licenza: Accesso libero
Dimensione 755.03 kB
Formato Adobe PDF
Visualizza/Apri
755.03 kB Adobe PDF Visualizza/Apri
3449639.3459286.pdf

solo utenti autorizzati

Tipologia: Published (publisher's version)
Licenza: Accesso privato - non pubblico
Dimensione 764.48 kB
Formato Adobe PDF
Visualizza/Apri   Richiedi una copia
764.48 kB Adobe PDF Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11577/3400194
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 12
  • ???jsp.display-item.citation.isi??? 12
  • OpenAlex ND
social impact