Amazon presents new method for "debugging" machine learning models

{"value":"Machine learning models are usually tested on held-out data from their training sets. But when data distributions in the real world diverge from those in the test set, such tests can overstate model performance. And models can still fail in surprising ways — for instance, systematically mishandling inputs that don’t seem any more challenging than others that the model handles smoothly.\n\n\n\nExamples of three types of misclassifications identified by Defuse. In the distillation step, similar images are grouped together to represent classes of error. In the correction step, the model has been re-trained to handle those classes correctly.\n\nAt the ++[NeurIPS 2021](https://www.amazon.science/conferences-and-events/neurips-2021)++ Workshop on Explainable AI Approaches for Debugging and Diagnosis (XAI4Debugging), my colleagues and I will present [Defuse](https://www.amazon.science/publications/defuse-training-more-robust-models-through-creation-and-correction-of-novel-model-errors), a method that automatically discovers model errors on particular types of input and provides a way to correct them.\n\nGiven a trained image classification model (a classifier), Defuse generates realistic-looking new images that are variations on test-set inputs that the classifier mishandles. Then Defuse sorts misclassified images into high-level “model bugs” — groups of similar images that consistently cause errors. Users can then identify scenarios under which their models would fail and train more-robust models.\n\nDuring retraining, we mix the artificially generated error-causing data with the model’s original training data, in a ratio controlled by a parameter, λ. In experiments, we show that for each of three sample datasets, there is a value of λ that enables consistently high performance on the input classes identified by Defuse while largely preserving performance on the original data.\n\n\n\nPerformance on the original test set (blue) and on the error classes identified by Defuse (orange) for different values of λ.\n\nTo spur further research on this problem, we have publicly released ++[the code for Defuse](https://github.com/amazon-research/creating-and-correcting-novel-ml-model-errors)++ on GitHub.\n\n#### **Data augmentation**\n\nTo generate our synthetic images, we train a variational autoencoder (VAE) on the classifier’s training data. A VAE is a model trained to output the same data that it takes as input, but in-between, it produces a vector representation that captures salient properties of the input. That vector representation defines a latent space in which proximity indicates similarity of data.\n\nOnce the VAE is trained, we use its latent space to generate new image data. In the image below, we show how the VAE can interpolate between two test images — which define points in the latent space — to generate new related images.\n\n\n\nDefuse uses the latent space of a trained VAE to generate new data.\n\nThe VAE’s latent representations are the basis of Defuse’s three main steps: identification, distillation, and correction.\n\n**Identification**: First, Defuse encodes all the images from the training data using the trained VAE. Perturbing a latent code with small amounts of noise should cause the decoded instances to have small but semantically meaningful differences from the original instance. The perturbations are assigned the same label as the original instance, and Defuse saves instances that the classifier misclassifies. In the figure above, the red number in the upper right-hand corner of each input image is the classifier’s prediction.\n\n**Distillation**: Next, a clustering model groups together the latent codes of the images from the previous step to diagnose misclassification regions. In the example above, Defuse groups together generated images of the digit 8 that are incorrectly classified as 3. Defuse uses a ++[Gaussian mixture model](https://en.wikipedia.org/wiki/Mixture_model#Gaussian_mixture_model)++ with a ++[Dirichlet process](https://en.wikipedia.org/wiki/Dirichlet_process)++ prior because the number of clusters is unknown ahead of time.\n\nBelow is a low-dimensional (t-distributed stochastic neighbor embedding, or t-SNE) visualization of latent codes obtained from one of the three datasets we used in our experiments. The blue circles are the latent codes of images in the training set; the black dots are the latent codes of generated images that were identified as classifier mistakes. The red dots are the three decoded latent codes, where the red number in the upper left-hand corner is the classifier label.\n\n\n\nA low-dimensional (t-SNE) visualization of the latent space encodings of images in a dataset (blue dots) and generated new samples (black dots).\n\n**Correction**: The clusters created in the distillation step are then annotated by labelers. Defuse runs the correction step using both the annotator-labeled data and the original training data, mixed according the parameter λ.\n\n#### **Experiments**\n\nWe conducted experiments on three public benchmark datasets, assessing accuracy on both the misclassification region test data and the original test set after performing correction. We compared Defuse to finetuning only on the images from the identification step that are labeled as classifier mistakes by annotators. We expect this baseline to be reasonable because related works that focus on robustness to classic adversarial attacks demonstrate the effectiveness of tuning directly on the adversarial examples. Overall, these results indicate that the correction step in Defuse is highly effective at correcting the errors discovered during identification and distillation.\n\n\n\nSamples from three misclassification regions for each of our three test datasets.\n\nNovelty of the misclassified instances generated with Defuse: We expect Defuse to find novel model misclassifications beyond those revealed by the available data. To test this hypothesis, we compared the errors proposed by Defuse (the misclassification region data) and the misclassified training data.\n\nWe chose 10 images from the misclassification regions and found their nearest neighbors in the misclassified training data. In the figure below, we can see that the data in the misclassification regions reveal different types of errors than are found in the training set.\n\n\n\nWe compare samples from the misclassification regions with their nearest neighbors in the training-set data. We see that the misclassification regions reveal novel sources of model error not found in the misclassified training data.\n\nTo learn more about Defuse check out the [paper](https://www.amazon.science/publications/defuse-training-more-robust-models-through-creation-and-correction-of-novel-model-errors) and the [repository](https://github.com/amazon-research/creating-and-correcting-novel-ml-model-errors).\n\n**Acknowledgements**: Krishnaram Kenthapadi\n\nABOUT THE AUTHOR\n\n#### **Dylan Slack**\n\nDylan Slack is a graduate student in computer science at the University of California, Irvine. He worked on this project as a summer intern at Amazon in 2020.\n\n#### **[Nathalie Rauschmayr](https://www.amazon.science/author/nathalie-rauschmayr)**\n\nNathalie Rauschmayr is an applied scientist with Amazon Web Services.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n","render":"<p>Machine learning models are usually tested on held-out data from their training sets. But when data distributions in the real world diverge from those in the test set, such tests can overstate model performance. And models can still fail in surprising ways — for instance, systematically mishandling inputs that don’t seem any more challenging than others that the model handles smoothly.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/836f87cd39b945c9ada88d8814a16492_image.png\" alt=\"image.png\" /></p>\n<p>Examples of three types of misclassifications identified by Defuse. In the distillation step, similar images are grouped together to represent classes of error. In the correction step, the model has been re-trained to handle those classes correctly.</p>\n<p>At the <ins><a href=\"https://www.amazon.science/conferences-and-events/neurips-2021\" target=\"_blank\">NeurIPS 2021</a></ins> Workshop on Explainable AI Approaches for Debugging and Diagnosis (XAI4Debugging), my colleagues and I will present <a href=\"https://www.amazon.science/publications/defuse-training-more-robust-models-through-creation-and-correction-of-novel-model-errors\" target=\"_blank\">Defuse</a>, a method that automatically discovers model errors on particular types of input and provides a way to correct them.</p>\n<p>Given a trained image classification model (a classifier), Defuse generates realistic-looking new images that are variations on test-set inputs that the classifier mishandles. Then Defuse sorts misclassified images into high-level “model bugs” — groups of similar images that consistently cause errors. Users can then identify scenarios under which their models would fail and train more-robust models.</p>\n<p>During retraining, we mix the artificially generated error-causing data with the model’s original training data, in a ratio controlled by a parameter, λ. In experiments, we show that for each of three sample datasets, there is a value of λ that enables consistently high performance on the input classes identified by Defuse while largely preserving performance on the original data.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/7a633698caf742b4af40c20049bf2ac0_image.png\" alt=\"image.png\" /></p>\n<p>Performance on the original test set (blue) and on the error classes identified by Defuse (orange) for different values of λ.</p>\n<p>To spur further research on this problem, we have publicly released <ins><a href=\"https://github.com/amazon-research/creating-and-correcting-novel-ml-model-errors\" target=\"_blank\">the code for Defuse</a></ins> on GitHub.</p>\n<h4><a id=\"Data_augmentation_18\"></a><strong>Data augmentation</strong></h4>\n<p>To generate our synthetic images, we train a variational autoencoder (VAE) on the classifier’s training data. A VAE is a model trained to output the same data that it takes as input, but in-between, it produces a vector representation that captures salient properties of the input. That vector representation defines a latent space in which proximity indicates similarity of data.</p>\n<p>Once the VAE is trained, we use its latent space to generate new image data. In the image below, we show how the VAE can interpolate between two test images — which define points in the latent space — to generate new related images.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/2463d964740348be93655aa7c5ae54e0_%E4%B8%8B%E8%BD%BD.gif\" alt=\"下载.gif\" /></p>\n<p>Defuse uses the latent space of a trained VAE to generate new data.</p>\n<p>The VAE’s latent representations are the basis of Defuse’s three main steps: identification, distillation, and correction.</p>\n<p><strong>Identification</strong>: First, Defuse encodes all the images from the training data using the trained VAE. Perturbing a latent code with small amounts of noise should cause the decoded instances to have small but semantically meaningful differences from the original instance. The perturbations are assigned the same label as the original instance, and Defuse saves instances that the classifier misclassifies. In the figure above, the red number in the upper right-hand corner of each input image is the classifier’s prediction.</p>\n<p><strong>Distillation</strong>: Next, a clustering model groups together the latent codes of the images from the previous step to diagnose misclassification regions. In the example above, Defuse groups together generated images of the digit 8 that are incorrectly classified as 3. Defuse uses a <ins><a href=\"https://en.wikipedia.org/wiki/Mixture_model#Gaussian_mixture_model\" target=\"_blank\">Gaussian mixture model</a></ins> with a <ins><a href=\"https://en.wikipedia.org/wiki/Dirichlet_process\" target=\"_blank\">Dirichlet process</a></ins> prior because the number of clusters is unknown ahead of time.</p>\n<p>Below is a low-dimensional (t-distributed stochastic neighbor embedding, or t-SNE) visualization of latent codes obtained from one of the three datasets we used in our experiments. The blue circles are the latent codes of images in the training set; the black dots are the latent codes of generated images that were identified as classifier mistakes. The red dots are the three decoded latent codes, where the red number in the upper left-hand corner is the classifier label.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/89aa3da73f5243c6ad77757dbea0884b_image.png\" alt=\"image.png\" /></p>\n<p>A low-dimensional (t-SNE) visualization of the latent space encodings of images in a dataset (blue dots) and generated new samples (black dots).</p>\n<p><strong>Correction</strong>: The clusters created in the distillation step are then annotated by labelers. Defuse runs the correction step using both the annotator-labeled data and the original training data, mixed according the parameter λ.</p>\n<h4><a id=\"Experiments_42\"></a><strong>Experiments</strong></h4>\n<p>We conducted experiments on three public benchmark datasets, assessing accuracy on both the misclassification region test data and the original test set after performing correction. We compared Defuse to finetuning only on the images from the identification step that are labeled as classifier mistakes by annotators. We expect this baseline to be reasonable because related works that focus on robustness to classic adversarial attacks demonstrate the effectiveness of tuning directly on the adversarial examples. Overall, these results indicate that the correction step in Defuse is highly effective at correcting the errors discovered during identification and distillation.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/746071c8f2f4402a8cca1b370ff7a6d7_image.png\" alt=\"image.png\" /></p>\n<p>Samples from three misclassification regions for each of our three test datasets.</p>\n<p>Novelty of the misclassified instances generated with Defuse: We expect Defuse to find novel model misclassifications beyond those revealed by the available data. To test this hypothesis, we compared the errors proposed by Defuse (the misclassification region data) and the misclassified training data.</p>\n<p>We chose 10 images from the misclassification regions and found their nearest neighbors in the misclassified training data. In the figure below, we can see that the data in the misclassification regions reveal different types of errors than are found in the training set.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/3afd799b0353463a8065af3ba6e1210a_image.png\" alt=\"image.png\" /></p>\n<p>We compare samples from the misclassification regions with their nearest neighbors in the training-set data. We see that the misclassification regions reveal novel sources of model error not found in the misclassified training data.</p>\n<p>To learn more about Defuse check out the <a href=\"https://www.amazon.science/publications/defuse-training-more-robust-models-through-creation-and-correction-of-novel-model-errors\" target=\"_blank\">paper</a> and the <a href=\"https://github.com/amazon-research/creating-and-correcting-novel-ml-model-errors\" target=\"_blank\">repository</a>.</p>\n<p><strong>Acknowledgements</strong>: Krishnaram Kenthapadi</p>\n<p>ABOUT THE AUTHOR</p>\n<h4><a id=\"Dylan_Slack_64\"></a><strong>Dylan Slack</strong></h4>\n<p>Dylan Slack is a graduate student in computer science at the University of California, Irvine. He worked on this project as a summer intern at Amazon in 2020.</p>\n<h4><a id=\"Nathalie_Rauschmayrhttpswwwamazonscienceauthornathalierauschmayr_68\"></a><strong><a href=\"https://www.amazon.science/author/nathalie-rauschmayr\" target=\"_blank\">Nathalie Rauschmayr</a></strong></h4>\n<p>Nathalie Rauschmayr is an applied scientist with Amazon Web Services.</p>\n"}