Towards Fair and Robust Classification

Robustness and fairness are two equally important issues for machine learning systems. Despite the active research on robustness and fairness of ML recently, these efforts focus on either fairness or robustness, but not both. To bridge this gap, in this paper, we design Fair and Robust Classification (FRoC) models that equip the classification models with both fairness and robustness. Meeting both fairness and robustness constraints is not trivial due to the tension between them. The trade-off between fairness, robustness, and model accuracy also introduces additional challenge. To address these challenges, we design two FRoC methods, namely FROC-PRE that modifies the input data before model training, and FROC-IN that modifies the model with an adversarial objective function to address both fairness and robustness during training. FROC-IN is suitable to the settings where the users (e.g., ML service providers) only have the access to the model but not the original data, while FROC-PRE works for the settings where the users (e.g., data owners) have the access to both data and a surrogate model that may have similar architecture as the target model. Our extensive experiments on real-world datasets demonstrate that both FROC-IN and FROC-PRE can achieve both fairness and robustness with insignificant accuracy loss of the target model.