Distributionally and Adversarially Robust Logistic Regression via Intersecting Wasserstein Balls

Aras Selvi; Eleonora Kreacic; Mohsen Ghassemi; Vamsi K. Potluru; Tucker Balch; Manuela Veloso

Distributionally and Adversarially Robust Logistic Regression via Intersecting Wasserstein Balls

Aras Selvi, Eleonora Kreacic, Mohsen Ghassemi, Vamsi K. Potluru, Tucker Balch, Manuela Veloso

Published: 07 May 2025, Last Modified: 13 Jun 2025UAI 2025 OralEveryoneRevisionsBibTeXCC BY 4.0

Keywords: distributionally robust optimization, adversarially robust optimization, logistic regression, Wasserstein ambiguity sets

TL;DR: We study distributionally and adversarially robust logistic regression where distributional ambiguity is modeled by the intersection of two Wasserstein balls.

Abstract: Adversarially robust optimization (ARO) has emerged as the *de facto* standard for training models that hedge against adversarial attacks in the test stage. While these models are robust against adversarial attacks, they tend to suffer severely from overfitting. To address this issue, some successful methods replace the empirical distribution in the training stage with alternatives including *(i)* a worst-case distribution residing in an ambiguity set, resulting in a distributionally robust (DR) counterpart of ARO; *(ii)* a mixture of the empirical distribution with a distribution induced by an auxiliary (*e.g.*, synthetic, external, out-of-domain) dataset. Inspired by the former, we study the Wasserstein DR counterpart of ARO for logistic regression and show it admits a tractable convex optimization reformulation. Adopting the latter setting, we revise the DR approach by intersecting its ambiguity set with another ambiguity set built using the auxiliary dataset, which offers a significant improvement whenever the Wasserstein distance between the data generating and auxiliary distributions can be estimated. We study the underlying optimization problem, develop efficient solution algorithms, and demonstrate that the proposed method outperforms benchmark approaches on standard datasets.

Latex Source Code: zip

Signed PMLR Licence Agreement: pdf

Readers: auai.org/UAI/2025/Conference, auai.org/UAI/2025/Conference/Area_Chairs, auai.org/UAI/2025/Conference/Reviewers, auai.org/UAI/2025/Conference/Submission542/Authors, auai.org/UAI/2025/Conference/Submission542/Reproducibility_Reviewers

Submission Number: 542

Loading