Fixed-Set Robustness in Programming by Example: Example Corruption and Semantic Partition Recovery

· Source: Machine Learning · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Software Development & Engineering · Depth: Expert, quick

Summary

Fixed-Set Robustness in Programming by Example: Example Corruption and Semantic Partition Recovery investigates a novel adversarial attack on Programming-by-Example (PBE) systems. Unlike traditional noise models, this work focuses on an adversary who strategically corrupts input-output examples to maximize damage to the inferred program within finite PBE version spaces. The paper formalizes this fixed-set worst-case corruption, implementing search methods for a string-transformation DSL. It introduces version-space partition aggregation (VPA) as a defense mechanism, which synthesizes on disjoint example groups and votes by semantic signatures. Key findings indicate that low-margin PBE tasks possess an adversarial robustness dimension overlooked by random-typo and noisy-PBE evaluations. While VPA can recover some corrupted tasks, its effectiveness is limited to scenarios where clean semantics maintain a sufficient partition vote margin, a condition often unmet in realistic applications, as demonstrated across curated DSL tasks, public SyGuS slices, and Playgol v2 benchmarks.

Key takeaway

For Research Scientists developing Programming-by-Example (PBE) systems, you must account for adversarial example corruption, not just random noise. Your PBE system's robustness should be evaluated against targeted attacks that exploit low-margin tasks. If you implement defenses like version-space partition aggregation (VPA), carefully assess whether the clean semantics maintain a sufficient vote margin, as its effectiveness is highly conditional on this factor for real-world applicability.

Key insights

Adversarial example corruption reveals a critical robustness dimension in PBE systems missed by random noise models.

Principles

Method

Version-space partition aggregation (VPA) defends against adversarial corruption by synthesizing on disjoint example groups and voting based on semantic signatures.

In practice

Topics

Best for: AI Scientist, Machine Learning Engineer, Research Scientist

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Machine Learning.