On Collective Robustness of Bagging Against Data Poisoning

05/26/2022
by   Ruoxin Chen, et al.
0

Bootstrap aggregating (bagging) is an effective ensemble protocol, which is believed can enhance robustness by its majority voting mechanism. Recent works further prove the sample-wise robustness certificates for certain forms of bagging (e.g. partition aggregation). Beyond these particular forms, in this paper, we propose the first collective certification for general bagging to compute the tight robustness against the global poisoning attack. Specifically, we compute the maximum number of simultaneously changed predictions via solving a binary integer linear programming (BILP) problem. Then we analyze the robustness of vanilla bagging and give the upper bound of the tolerable poison budget. Based on this analysis, we propose hash bagging to improve the robustness of vanilla bagging almost for free. This is achieved by modifying the random subsampling in vanilla bagging to a hash-based deterministic subsampling, as a way of controlling the influence scope for each poisoning sample universally. Our extensive experiments show the notable advantage in terms of applicability and robustness.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/12/2020

Robustness Verification for Classifier Ensembles

We give a formal verification procedure that decides whether a classifie...
research
08/30/2023

On the difficulty to beat the first linear programming bound for binary codes

The first linear programming bound of McEliece, Rodemich, Rumsey, and We...
research
08/06/2018

Error Correction Maximization for Deep Image Hashing

We propose to use the concept of the Hamming bound to derive the optimal...
research
12/01/2021

Collective discrete optimisation as judgment aggregation

Many important collective decision-making problems can be seen as multi-...
research
08/17/2022

Robustness of the Tangle 2.0 Consensus

In this paper, we investigate the performance of the Tangle 2.0 consensu...
research
08/11/2020

Intrinsic Certified Robustness of Bagging against Data Poisoning Attacks

In a data poisoning attack, an attacker modifies, deletes, and/or insert...

Please sign up or login with your details

Forgot password? Click here to reset