Chapter 4 Robustness, Adversary and Causality

I think robust AI or trustful AI is the future of the AI systems that will be deployed to interact with human beings and facilitate their daily lives because of the guarantee of their worst-case behavior. However, current machine learning models are purely data-driven with less human prior knowledge and no guarantee or failure protection against unseen adversaries. The reason for such crispness might reside in the model’s ignorance of causality underlying the observations or resulted from current input representation with high dimensionality that causes unknown mystery of bug in that geometric space.

To clarify this intertwined topic, in this chapter, I would like to search for hidden connections between robustness and causality or high dimensional statistics. The discussions mainly focus on model family of recent advanced deep neural networks. However, robustness and adversary are more historical concepts. The initial coverage of topics includes:

• Adversary and adversarial training;
• Adversarial training and task performance;
• Certified (or verified, provable) robustness;
• Applications in natural language processing.