adversarial regression with multiple learners
play

Adversarial Regression with Multiple Learners Liang Tong 1 Sixie Yu - PowerPoint PPT Presentation

Feb 02, 2024 •2.96k likes •3.32k views

Adversarial Regression with Multiple Learners Liang Tong 1 Sixie Yu 1 Scott Alfeld 2 Yevgeniy Vorobeychik 1 1 Electrical Engineering and Computer Science Vanderbilt University 2 Computer Science Amherst College ICML 2018 ( Electrical

  1. Adversarial Regression with Multiple Learners Liang Tong ∗ 1 Sixie Yu ∗ 1 Scott Alfeld 2 Yevgeniy Vorobeychik 1 1 Electrical Engineering and Computer Science Vanderbilt University 2 Computer Science Amherst College ICML 2018 ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 1 / 21

  2. Problem Setting ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 2 / 21

  3. Motivation Adversaries can change features at test time to cause incorrect predictions. i.e., change features of a house (i.e., square feet, #rooms) to fool online real-estate evaluation system, or make invisible changes to pictures to fool classifier. ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 3 / 21

  4. Motivation Adversaries can change features at test time to cause incorrect predictions. i.e., change features of a house (i.e., square feet, #rooms) to fool online real-estate evaluation system, or make invisible changes to pictures to fool classifier. Previous investigations of this problem pit a single learner against an adversary. [ Bruckner11 , Dalvi04 , li2014feature , zhou2012 ] ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 3 / 21

  5. Motivation Adversaries can change features at test time to cause incorrect predictions. i.e., change features of a house (i.e., square feet, #rooms) to fool online real-estate evaluation system, or make invisible changes to pictures to fool classifier. Previous investigations of this problem pit a single learner against an adversary. [ Bruckner11 , Dalvi04 , li2014feature , zhou2012 ] But an adversary’s decision is usually aimed at a collection of learners. i.e., an adversary crafts generic malwares and disseminate them widely. ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 3 / 21

  6. Motivation Adversaries can change features at test time to cause incorrect predictions. i.e., change features of a house (i.e., square feet, #rooms) to fool online real-estate evaluation system, or make invisible changes to pictures to fool classifier. Previous investigations of this problem pit a single learner against an adversary. [ Bruckner11 , Dalvi04 , li2014feature , zhou2012 ] But an adversary’s decision is usually aimed at a collection of learners. i.e., an adversary crafts generic malwares and disseminate them widely. The learners all make autonomous decisions about how to detect malicious content. ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 3 / 21

  7. Table of Contents Learner Model 1 Attacker Model 2 Multi-Learner Stackelberg Game (MLSG) 3 Existence and Uniqueness of the Equilibrium 4 Computing the MLNE 5 Robustness analysis 6 References 7 ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 4 / 21

  8. Learner Model ( X , y ): training dataset from an unknown distribution D . X = [ x 1 , ..., x m ] ⊤ and y = [ y 1 , y 2 , ..., y m ] ⊤ : x j the j th instance and y j its corresponding response variable. ′ (a modification of D ) Test data is drawn from a distribution D manipulated by the attacker. ′ ( D ) with probability β (1 − β ). An instance from D The action of the i th learner is to learn the parameters of the linear regression model: θ i , which results in ˆ y i = X θ i . The expected cost function of the i th learner: ′ ) = β E ( X ′ , y ) ∼D ′ [ ℓ ( X ′ θ i , y )] + (1 − β ) E ( X , y ) ∼D [ ℓ ( X θ i , y )] c i ( θ i , D (1) y − y || 2 where ℓ (ˆ y , y ) = || ˆ 2 . ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 5 / 21

  9. Table of Contents Learner Model 1 Attacker Model 2 Multi-Learner Stackelberg Game (MLSG) 3 Existence and Uniqueness of the Equilibrium 4 Computing the MLNE 5 Robustness analysis 6 References 7 ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 6 / 21

  10. Attacker Model ′ , y ), Every instance ( x , y ) is maliciously modified by the attacker to ( x with probability β . Assume the attacker has an instance-specific target z ( x ). ′ close to z ( x ). y = θ ⊤ The objective of the attacker: ˆ i x y − z || 2 The attacker’s objective is measured by: ℓ (ˆ y , z ) = || ˆ 2 . ′ incurs costs: R ( X ′ − X || 2 ′ , X ) = || X Transforming X to X F . The expected cost function of the attacker: n � ′ ) = ′ θ i , z ) + λ R ( X ′ , X ) c a ( { θ i } n i =1 , X ℓ ( X (2) i =1 ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 7 / 21

  11. Table of Contents Learner Model 1 Attacker Model 2 Multi-Learner Stackelberg Game (MLSG) 3 Existence and Uniqueness of the Equilibrium 4 Computing the MLNE 5 Robustness analysis 6 References 7 ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 8 / 21

  12. Multi-Learner Stackelberg Game (MLSG) The MLSG has two stages, which proceeds as follow: In the first stage the learners simultaneously learn their model parameters { θ i } n i =1 . In the second stage, after observing the learners’ decision , the attacker constructs its optimal attack (manipulating X ). Assumptions The learners have complete information about β , λ , and z . Each learner has the same action space Θ ⊆ R d × 1 , which is nonempty, compact, and convex. The columns of the test data X are linearly independent. ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 9 / 21

  13. Multi-Learner Stackelberg Game (MLSG) Definition (Multi-Learner Stackelberg Equilibrium (MLSE)) An action profile ( { θ ∗ i } n i =1 , X ∗ ) is an MLSE if it satisfies θ ∗ c i ( θ i , X ∗ ( θ )) , ∀ i ∈ N i = arg min θ i ∈ Θ (3) ′ ) . X ∗ ( θ ) = arg min c a ( { θ i } n i =1 , X s.t. X ′ ∈ R m × d where θ = { θ i } n i =1 constitutes the joint actions of the learners. MLSE is a blend between a Nash equilibrium (among all learners) and a Stackelberg equilibrium (between the learners and the attacker). ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 10 / 21

  14. Multi-Learner Stackelberg Game (MLSG) Lemma (Best Response of the Attacker) Given { θ i } n i =1 , the best response of the attacker is n n � � X ∗ = ( λ X + z i ) − 1 . θ ⊤ θ i θ ⊤ i )( λ I + (4) i =1 i =1 X ∗ has a closed form, as a function of { θ i } n i =1 . With this lemma, the learners’ cost functions become: c i ( θ i , θ − i ) = βℓ ( X ∗ ( θ i , θ − i ) θ i , y ) + (1 − β ) ℓ ( X θ i , y ) . (5) X ∗ ( θ i , θ − i ) MLSG = = = = = = ⇒ Multi-Learner Nash Game (MLNG) MLNG is a game among the learners. ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 11 / 21

  15. Table of Contents Learner Model 1 Attacker Model 2 Multi-Learner Stackelberg Game (MLSG) 3 Existence and Uniqueness of the Equilibrium 4 Computing the MLNE 5 Robustness analysis 6 References 7 ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 12 / 21

  16. Existence and Uniqueness of the Equilibrium We approximate the MLNG by deriving upper bounds on the learners’ cost functions. The approximated game is denoted by: �N , Θ , ( � c i ) � . Theorem (Existence of Nash Equilibrium) �N , Θ , ( � c i ) � is a symmetric game and it has at least one symmetric equilibrium. Theorem (Uniqueness of Nash Equilibrium) �N , Θ , ( � c i ) � has an unique Nash equilibrium, and this unique NE is symmetric. The equilibrium of �N , Θ , ( � c i ) � is defined as: Multi-Learner Nash Equilibrium (MLNE) ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 13 / 21

  17. Table of Contents Learner Model 1 Attacker Model 2 Multi-Learner Stackelberg Game (MLSG) 3 Existence and Uniqueness of the Equilibrium 4 Computing the MLNE 5 Robustness analysis 6 References 7 ( Electrical Engineering and Computer Science Vanderbilt University, Computer Science Amherst College ) Adversarial Regression with Multiple Learners ICML 2018 14 / 21

Recommend

Multiple Regression and Logistic Regression I Dajiang Liu @PHS 525 Apr-14-2016 Multiple

Multiple Regression and Logistic Regression I Dajiang Liu @PHS 525 Apr-14-2016 Multiple

Multiple Regression and Logistic Regression I Dajiang Liu @PHS 525 Apr-14-2016 Multiple Regression Extends simple linear regression to the scenario where Multiple predictors are available Multiple regression often results in better

673 views • 17 slides
Multiple Regression Peerapat Wongchaiwat, Ph.D. wongchaiwat@hotmail.com The Multiple Regression

Multiple Regression Peerapat Wongchaiwat, Ph.D. wongchaiwat@hotmail.com The Multiple Regression

Multiple Regression Peerapat Wongchaiwat, Ph.D. wongchaiwat@hotmail.com The Multiple Regression Model Examine the linear relationship between 1 dependent (Y) & 2 or more independent variables (X i ) Multiple Regression Model with k

821 views • 47 slides
Unit 7: Multiple linear regression 1. Introduction to multiple linear regression Sta 101 - Fall

Unit 7: Multiple linear regression 1. Introduction to multiple linear regression Sta 101 - Fall

Announcements Unit 7: Multiple linear regression 1. Introduction to multiple linear regression Sta 101 - Fall 2018 Project questions? Duke University, Department of Statistical Science Dr. Abrahamsen Slides posted at

537 views • 10 slides
Adversarial Training and Robustness for Multiple Perturbations Poster #87 Florian Tramr &

Adversarial Training and Robustness for Multiple Perturbations Poster #87 Florian Tramr &

Adversarial Training and Robustness for Multiple Perturbations Poster #87 Florian Tramr & Dan Boneh NeurIPS 2019 Adversarial examples 88% Tabby Cat 99% Guacamole Szegedy et al., 2014 Goodfellow et al., 2015 Athalye, 2017 Adversarial

564 views • 23 slides
Business Statistics CONTENTS Multiple regression Dummy regressors Assumptions of regression

Business Statistics CONTENTS Multiple regression Dummy regressors Assumptions of regression

MULTIPLE REGRESSION ANALYSIS AND OTHER ISSUES Business Statistics CONTENTS Multiple regression Dummy regressors Assumptions of regression analysis Predicting with regression analysis Old exam question Further study MULTIPLE REGRESSION The

721 views • 24 slides
Multiple Regression Review Instructor: G. William Schwert 275-2470

Multiple Regression Review Instructor: G. William Schwert 275-2470

Multiple Regression APS 425- Advanced Managerial Data Analysis APS 425 Fall 2015 Multiple Regression Review Instructor: G. William Schwert 275-2470 schwert@schwert.ssb.rochester.edu Multiple Regression Model We have studied the

460 views • 21 slides
Multiple Linear Regression James H. Steiger Department of Psychology and Human Development

Multiple Linear Regression James H. Steiger Department of Psychology and Human Development

Introduction The Multiple Regression Model Setting Up a Multiple Regression Model Multiple Linear Regression James H. Steiger Department of Psychology and Human Development Vanderbilt University Multilevel Regression Modeling, 2009

709 views • 41 slides
Multiple Regression Analysis Independent Variables Mechanics and Interpretation of OLS

Multiple Regression Analysis Independent Variables Mechanics and Interpretation of OLS

Motivation for Multiple Regression The Model with k Multiple Regression Analysis Independent Variables Mechanics and Interpretation of OLS Interpreting the OLS Caio Vigo Regression Line The Expected Value of the OLS The University of

2.75k views • 89 slides
Multiple Regression and Logistic Regression II Dajiang Liu @PHS 525 Apr-19-2016 Materials from

Multiple Regression and Logistic Regression II Dajiang Liu @PHS 525 Apr-19-2016 Materials from

Multiple Regression and Logistic Regression II Dajiang Liu @PHS 525 Apr-19-2016 Materials from Last Time Multiple regression model: Include multiple predictors in the model = + + +

345 views • 23 slides
Notation ^ y = b 0 + b 1 x 1 + b 2 x 2 + b 3 x 3 +. . .+ b k x k 0 = the y -intercept, or the

Notation ^ y = b 0 + b 1 x 1 + b 2 x 2 + b 3 x 3 +. . .+ b k x k 0 = the y -intercept, or the

Multiple Regression Multiple Regression Definition Definition Multiple Regression Equation Multiple Regression Equation A linear relationship between a dependent A linear relationship between a dependent variable y and two or more independent

453 views • 10 slides
Multiple Regression Rick Balkin, Ph.D., LPC-S, NCC Department of Counseling Texas A & M

Multiple Regression Rick Balkin, Ph.D., LPC-S, NCC Department of Counseling Texas A & M

Multiple Regression Rick Balkin, Ph.D., LPC-S, NCC Department of Counseling Texas A & M University-Commerce Rick_balkin@tamu-commerce.edu Balkin, R. S. (2008). Multiple Regression vs. ANOVA The purpose of multiple regression is to

413 views • 30 slides
Chapter 13 Multiple Regression and Model Building Multiple Regression Models The General

Chapter 13 Multiple Regression and Model Building Multiple Regression Models The General

Chapter 13 Multiple Regression and Model Building Multiple Regression Models The General Multiple Regression Model ... y x x x 0 1 1 2 2 k k is the dependent variable y are

621 views • 43 slides
Multiple Linear Regression Recall: a regression model describes how a dependent variable (or

Multiple Linear Regression Recall: a regression model describes how a dependent variable (or

ST 430/514 Introduction to Regression Analysis/Statistics for Management and the Social Sciences II Multiple Linear Regression Recall: a regression model describes how a dependent variable (or response ) Y is affected, on average, by one or more

526 views • 21 slides
R05 - Multiple Regression STAT 587 (Engineering) Iowa State University October 30, 2020

R05 - Multiple Regression STAT 587 (Engineering) Iowa State University October 30, 2020

R05 - Multiple Regression STAT 587 (Engineering) Iowa State University October 30, 2020 Multiple regression model Multiple regression Recall the simple linear regression model is ind N ( i , 2 ) , Y i i = 0 + 1 X i The

578 views • 37 slides
Multiple and Logistic Regression IV Dajiang Liu @PHS 525 Apr-21 st -2016 Review of Last Two

Multiple and Logistic Regression IV Dajiang Liu @PHS 525 Apr-21 st -2016 Review of Last Two

Multiple and Logistic Regression IV Dajiang Liu @PHS 525 Apr-21 st -2016 Review of Last Two Classes Linear regression model: Logistic regression model Deal with binary outcomes Why is multiple (simple) linear regression model

260 views • 15 slides
Week 3: Multiple Linear Regression Polynomials, log transformation, categorical variables,

Week 3: Multiple Linear Regression Polynomials, log transformation, categorical variables,

BUS41100 Applied Regression Analysis Week 3: Multiple Linear Regression Polynomials, log transformation, categorical variables, interactions & main effects Max H. Farrell The University of Chicago Booth School of Business Multiple vs

915 views • 56 slides
Section 3.1: Multiple Linear Regression Jared S. Murray The University of Texas at Austin

Section 3.1: Multiple Linear Regression Jared S. Murray The University of Texas at Austin

Section 3.1: Multiple Linear Regression Jared S. Murray The University of Texas at Austin McCombs School of Business 1 The Multiple Regression Model Many problems involve more than one independent variable or factor which affects the

843 views • 24 slides
AReS and MaRS - Adversarial and MMD-Minimizing Regression for SDEs Gabriele Abbati *1 , Philippe

AReS and MaRS - Adversarial and MMD-Minimizing Regression for SDEs Gabriele Abbati *1 , Philippe

AReS and MaRS - Adversarial and MMD-Minimizing Regression for SDEs Gabriele Abbati *1 , Philippe Wenk *23 , Michael A Osborne 1 , Andreas Krause 2 , Bernhard Schlkopf 4 , Stefan Bauer 4 1 University of Oxford, 2 ETH Zrich, 3 Max Planck ETH

761 views • 23 slides
Multiple regression STAT 401 - Statistical Methods for Research Workers Jarad Niemi Iowa State

Multiple regression STAT 401 - Statistical Methods for Research Workers Jarad Niemi Iowa State

Multiple regression STAT 401 - Statistical Methods for Research Workers Jarad Niemi Iowa State University October 19, 2013 Jarad Niemi (Iowa State) Multiple regression October 19, 2013 1 / 8 Multiple regression model Multiple regression

533 views • 8 slides
EC3062 ECONOMETRICS THE MULTIPLE REGRESSION MODEL Consider T realisations of the regression

EC3062 ECONOMETRICS THE MULTIPLE REGRESSION MODEL Consider T realisations of the regression

EC3062 ECONOMETRICS THE MULTIPLE REGRESSION MODEL Consider T realisations of the regression equation (1) y = 0 + 1 x 1 + + k x k + , which can be written in the following form: y 1 0 1 x 11 . . . x 1 k 1

456 views • 34 slides
Lecture 6: Multiple Linear Regression, Polynomial Regression and Model Selection CS109A

Lecture 6: Multiple Linear Regression, Polynomial Regression and Model Selection CS109A

Lecture 6: Multiple Linear Regression, Polynomial Regression and Model Selection CS109A Introduction to Data Science Pavlos Protopapas and Kevin Rader Announcements Section : Friday 1:30-2:45pm : @ MD 123 (only this Friday) A-section: Today:

921 views • 65 slides
Fitting Regression Models A multiple regression model relates a single response variable y

Fitting Regression Models A multiple regression model relates a single response variable y

ST 516 Experimental Statistics for Engineers II Fitting Regression Models A multiple regression model relates a single response variable y (dependent variable) to the values of k regressor variables x 1 , x 2 , . . . , x k (predictors, independent

435 views • 26 slides
Addressing one research question using multiple methodological approaches Marc Goodrich

Addressing one research question using multiple methodological approaches Marc Goodrich

Addressing one research question using multiple methodological approaches Marc Goodrich Overview Background and theory on dual language learners Using regression-based approaches Examining scale versus item-level data Using

1.12k views • 78 slides
Section 3.2: Multiple Linear Regression II Jared S. Murray The University of Texas at Austin

Section 3.2: Multiple Linear Regression II Jared S. Murray The University of Texas at Austin

Section 3.2: Multiple Linear Regression II Jared S. Murray The University of Texas at Austin McCombs School of Business 1 Multiple Linear Regression: Inference and Understanding We can answer new questions with MLR: Are any of the

588 views • 36 slides

More recommend