Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments

Heeyoung Lee; Hoyoon Byun; Changdae Oh; Jin Yeong Bak; Kyungwoo Song

doi:10.3233/FAIA240724

Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments

Heeyoung Lee, Hoyoon Byun, Changdae Oh, Jin Yeong Bak, Kyungwoo Song

Department of Applied Statistics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Accessing machine learning models through remote APIs has been gaining prevalence following the recent trend of scaling up model parameters for increased performance. Even though these models exhibit remarkable ability, detecting out-of-distribution (OOD) samples remains a crucial safety concern for end users as these samples may induce unreliable outputs from the model. In this work, we propose an OOD detection framework, MixDiff, that is applicable even when the model's parameters or its activations are not accessible to the end user. To bypass the access restriction, MixDiff applies an identical input-level perturbation to a given target sample and a similar in-distribution (ID) sample, then compares the relative difference in the model outputs of these two samples. MixDiff is model-agnostic and compatible with existing output-based OOD detection methods. We provide theoretical analysis to illustrate MixDiff's effectiveness in discerning OOD samples that induce overconfident outputs from the model and empirically demonstrate that MixDiff consistently enhances the OOD detection performance on various datasets in vision and text domains.

Original language	English
Title of host publication	ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings
Editors	Ulle Endriss, Francisco S. Melo, Kerstin Bach, Alberto Bugarin-Diz, Jose M. Alonso-Moral, Senen Barro, Fredrik Heintz
Publisher	IOS Press BV
Pages	2066-2073
Number of pages	8
ISBN (Electronic)	9781643685489
DOIs	https://doi.org/10.3233/FAIA240724
Publication status	Published - 2024 Oct 16
Event	27th European Conference on Artificial Intelligence, ECAI 2024 - Santiago de Compostela, Spain Duration: 2024 Oct 19 → 2024 Oct 24

Publication series

Name	Frontiers in Artificial Intelligence and Applications
Volume	392
ISSN (Print)	0922-6389
ISSN (Electronic)	1879-8314

Conference

Conference	27th European Conference on Artificial Intelligence, ECAI 2024
Country/Territory	Spain
City	Santiago de Compostela
Period	24/10/19 → 24/10/24

Bibliographical note

Publisher Copyright:
© 2024 The Authors.

All Science Journal Classification (ASJC) codes

Artificial Intelligence

Access to Document

10.3233/FAIA240724

Cite this

Lee, H., Byun, H., Oh, C., Bak, J. Y., & Song, K. (2024). Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments. In U. Endriss, F. S. Melo, K. Bach, A. Bugarin-Diz, J. M. Alonso-Moral, S. Barro, & F. Heintz (Eds.), ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings (pp. 2066-2073). (Frontiers in Artificial Intelligence and Applications; Vol. 392). IOS Press BV. https://doi.org/10.3233/FAIA240724

Lee, Heeyoung ; Byun, Hoyoon ; Oh, Changdae et al. / Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments. ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings. editor / Ulle Endriss ; Francisco S. Melo ; Kerstin Bach ; Alberto Bugarin-Diz ; Jose M. Alonso-Moral ; Senen Barro ; Fredrik Heintz. IOS Press BV, 2024. pp. 2066-2073 (Frontiers in Artificial Intelligence and Applications).

@inproceedings{51c10cec79bb4e688517e067212a5c3f,

title = "Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments",

abstract = "Accessing machine learning models through remote APIs has been gaining prevalence following the recent trend of scaling up model parameters for increased performance. Even though these models exhibit remarkable ability, detecting out-of-distribution (OOD) samples remains a crucial safety concern for end users as these samples may induce unreliable outputs from the model. In this work, we propose an OOD detection framework, MixDiff, that is applicable even when the model's parameters or its activations are not accessible to the end user. To bypass the access restriction, MixDiff applies an identical input-level perturbation to a given target sample and a similar in-distribution (ID) sample, then compares the relative difference in the model outputs of these two samples. MixDiff is model-agnostic and compatible with existing output-based OOD detection methods. We provide theoretical analysis to illustrate MixDiff's effectiveness in discerning OOD samples that induce overconfident outputs from the model and empirically demonstrate that MixDiff consistently enhances the OOD detection performance on various datasets in vision and text domains.",

author = "Heeyoung Lee and Hoyoon Byun and Changdae Oh and Bak, {Jin Yeong} and Kyungwoo Song",

note = "Publisher Copyright: {\textcopyright} 2024 The Authors.; 27th European Conference on Artificial Intelligence, ECAI 2024 ; Conference date: 19-10-2024 Through 24-10-2024",

year = "2024",

month = oct,

day = "16",

doi = "10.3233/FAIA240724",

language = "English",

series = "Frontiers in Artificial Intelligence and Applications",

publisher = "IOS Press BV",

pages = "2066--2073",

editor = "Ulle Endriss and Melo, {Francisco S.} and Kerstin Bach and Alberto Bugarin-Diz and Alonso-Moral, {Jose M.} and Senen Barro and Fredrik Heintz",

booktitle = "ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings",

address = "Netherlands",

}

Lee, H, Byun, H, Oh, C, Bak, JY & Song, K 2024, Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments. in U Endriss, FS Melo, K Bach, A Bugarin-Diz, JM Alonso-Moral, S Barro & F Heintz (eds), ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings. Frontiers in Artificial Intelligence and Applications, vol. 392, IOS Press BV, pp. 2066-2073, 27th European Conference on Artificial Intelligence, ECAI 2024, Santiago de Compostela, Spain, 24/10/19. https://doi.org/10.3233/FAIA240724

Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments. / Lee, Heeyoung; Byun, Hoyoon; Oh, Changdae et al.
ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings. ed. / Ulle Endriss; Francisco S. Melo; Kerstin Bach; Alberto Bugarin-Diz; Jose M. Alonso-Moral; Senen Barro; Fredrik Heintz. IOS Press BV, 2024. p. 2066-2073 (Frontiers in Artificial Intelligence and Applications; Vol. 392).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments

AU - Lee, Heeyoung

AU - Byun, Hoyoon

AU - Oh, Changdae

AU - Bak, Jin Yeong

AU - Song, Kyungwoo

PY - 2024/10/16

Y1 - 2024/10/16

N2 - Accessing machine learning models through remote APIs has been gaining prevalence following the recent trend of scaling up model parameters for increased performance. Even though these models exhibit remarkable ability, detecting out-of-distribution (OOD) samples remains a crucial safety concern for end users as these samples may induce unreliable outputs from the model. In this work, we propose an OOD detection framework, MixDiff, that is applicable even when the model's parameters or its activations are not accessible to the end user. To bypass the access restriction, MixDiff applies an identical input-level perturbation to a given target sample and a similar in-distribution (ID) sample, then compares the relative difference in the model outputs of these two samples. MixDiff is model-agnostic and compatible with existing output-based OOD detection methods. We provide theoretical analysis to illustrate MixDiff's effectiveness in discerning OOD samples that induce overconfident outputs from the model and empirically demonstrate that MixDiff consistently enhances the OOD detection performance on various datasets in vision and text domains.

AB - Accessing machine learning models through remote APIs has been gaining prevalence following the recent trend of scaling up model parameters for increased performance. Even though these models exhibit remarkable ability, detecting out-of-distribution (OOD) samples remains a crucial safety concern for end users as these samples may induce unreliable outputs from the model. In this work, we propose an OOD detection framework, MixDiff, that is applicable even when the model's parameters or its activations are not accessible to the end user. To bypass the access restriction, MixDiff applies an identical input-level perturbation to a given target sample and a similar in-distribution (ID) sample, then compares the relative difference in the model outputs of these two samples. MixDiff is model-agnostic and compatible with existing output-based OOD detection methods. We provide theoretical analysis to illustrate MixDiff's effectiveness in discerning OOD samples that induce overconfident outputs from the model and empirically demonstrate that MixDiff consistently enhances the OOD detection performance on various datasets in vision and text domains.

UR - http://www.scopus.com/inward/record.url?scp=85213403169&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85213403169&partnerID=8YFLogxK

U2 - 10.3233/FAIA240724

DO - 10.3233/FAIA240724

M3 - Conference contribution

AN - SCOPUS:85213403169

T3 - Frontiers in Artificial Intelligence and Applications

SP - 2066

EP - 2073

BT - ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings

A2 - Endriss, Ulle

A2 - Melo, Francisco S.

A2 - Bach, Kerstin

A2 - Bugarin-Diz, Alberto

A2 - Alonso-Moral, Jose M.

A2 - Barro, Senen

A2 - Heintz, Fredrik

PB - IOS Press BV

T2 - 27th European Conference on Artificial Intelligence, ECAI 2024

Y2 - 19 October 2024 through 24 October 2024

ER -

Lee H, Byun H, Oh C, Bak JY, Song K. Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments. In Endriss U, Melo FS, Bach K, Bugarin-Diz A, Alonso-Moral JM, Barro S, Heintz F, editors, ECAI 2024 - 27th European Conference on Artificial Intelligence, Including 13th Conference on Prestigious Applications of Intelligent Systems, PAIS 2024, Proceedings. IOS Press BV. 2024. p. 2066-2073. (Frontiers in Artificial Intelligence and Applications). doi: 10.3233/FAIA240724

Perturb-and-Compare Approach for Detecting Out-of-Distribution Samples in Constrained Access Environments

Abstract

Publication series

Conference

Bibliographical note

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this