On the adversarial robustness of robust estimators

06/11/2018
by Erhan Bayraktar, et al.

Motivated by recent data analytics applications, we study the adversarial robustness of robust estimators. Instead of assuming that only a fraction of the data points are outliers, as in the classic robust estimation setup, we consider an adversarial setup in which an attacker can observe the whole dataset and can modify all data samples in an adversarial manner so as to maximize the estimation error caused by the attack. We characterize the attacker's optimal attack strategy, and further introduce the adversarial influence function (AIF) to quantify an estimator's sensitivity to such adversarial attacks. We provide an approach to characterize the AIF for any given robust estimator, and then design the optimal estimator that minimizes the AIF, which implies that it is least sensitive to adversarial attacks and hence most robust against them. From this characterization, we identify a tradeoff between the AIF (i.e., robustness against adversarial attacks) and the influence function, a quantity used in classic robust estimators to measure robustness against outliers, and design estimators that strike a desirable tradeoff between these two quantities.


