Verifying Robustness of Gradient Boosted Models
This addresses the lack of formal verification methods for gradient boosted models, which is important for ensuring reliability in applications like security and safety, though it is incremental as it applies existing verification techniques to a specific model type.
The authors tackled the problem of verifying robustness to small input perturbations for gradient boosted models, introducing VeriGB, a tool that encodes models and robustness properties as SMT formulas to enable verification, and demonstrated its capability on large models while identifying more robust configurations.
Gradient boosted models are a fundamental machine learning technique. Robustness to small perturbations of the input is an important quality measure for machine learning models, but the literature lacks a method to prove the robustness of gradient boosted models. This work introduces VeriGB, a tool for quantifying the robustness of gradient boosted models. VeriGB encodes the model and the robustness property as an SMT formula, which enables state of the art verification tools to prove the model's robustness. We extensively evaluate VeriGB on publicly available datasets and demonstrate a capability for verifying large models. Finally, we show that some model configurations tend to be inherently more robust than others.