Evaluating Robustness of Predictive Uncertainty Estimation: Are Dirichlet-based Models Reliable?
This work addresses the reliability of uncertainty estimation in machine learning for practitioners, revealing vulnerabilities in a promising class of models and proposing a solution, though it is incremental as it builds on existing methods.
The study tackled the robustness of Dirichlet-based uncertainty models under adversarial attacks, finding that their uncertainty estimates are not robust for key tasks like indicating correct/wrong classifications, detecting adversarial examples, and distinguishing in-distribution from out-of-distribution data, with a median smoothing approach significantly improving robustness.
Dirichlet-based uncertainty (DBU) models are a recent and promising class of uncertainty-aware models. DBU models predict the parameters of a Dirichlet distribution to provide fast, high-quality uncertainty estimates alongside with class predictions. In this work, we present the first large-scale, in-depth study of the robustness of DBU models under adversarial attacks. Our results suggest that uncertainty estimates of DBU models are not robust w.r.t. three important tasks: (1) indicating correctly and wrongly classified samples; (2) detecting adversarial examples; and (3) distinguishing between in-distribution (ID) and out-of-distribution (OOD) data. Additionally, we explore the first approaches to make DBU models more robust. While adversarial training has a minor effect, our median smoothing based approach significantly increases robustness of DBU models.