To refer to this page use:
http://arks.princeton.edu/ark:/88435/pr1bp30
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Beatson, Alex | - |
dc.contributor.author | Wang, Zhaoran | - |
dc.contributor.author | Liu, Han | - |
dc.date.accessioned | 2020-04-06T17:40:00Z | - |
dc.date.accessioned | 2021-10-11T14:18:06Z | - |
dc.date.available | 2020-04-06T17:40:00Z | - |
dc.date.available | 2021-10-11T14:18:06Z | - |
dc.date.issued | 2016 | en_US |
dc.identifier.citation | Beatson, Alex, Zhaoran Wang, and Han Liu. "Blind attacks on machine learners." In Advances in Neural Information Processing Systems 29, (2016): pp. 2397-2405. | en_US |
dc.identifier.issn | 1049-5258 | - |
dc.identifier.uri | https://papers.nips.cc/paper/6482-blind-attacks-on-machine-learners.pdf | - |
dc.identifier.uri | http://arks.princeton.edu/ark:/88435/pr1bp30 | - |
dc.description.abstract | The importance of studying the robustness of learners to malicious data is well established. While much work has been done establishing both robust estimators and effective data injection attacks when the attacker is omniscient, the ability of an attacker to provably harm learning while having access to little information is largely unstudied. We study the potential of a “blind attacker” to provably limit a learner’s performance by data injection attack without observing the learner’s training set or any parameter of the distribution from which it is drawn. We provide examples of simple yet effective attacks in two settings: firstly, where an “informed learner” knows the strategy chosen by the attacker, and secondly, where a “blind learner” knows only the proportion of malicious data and some family to which the malicious distribution chosen by the attacker belongs. For each attack, we analyze minimax rates of convergence and establish lower bounds on the learner’s minimax risk, exhibiting limits on a learner’s ability to learn under data injection attack even when the attacker is “blind”. | en_US |
dc.format.extent | 2397 - 2405 | en_US |
dc.language.iso | en_US | en_US |
dc.relation.ispartof | Advances in Neural Information Processing Systems | en_US |
dc.relation.replaces | http://arks.princeton.edu/ark:/88435/pr1q214 | - |
dc.relation.replaces | 88435/pr1q214 | - |
dc.rights | Author's manuscript | en_US |
dc.title | Blind attacks on machine learners | en_US |
dc.type | Conference Article | en_US |
pu.type.symplectic | http://www.symplectic.co.uk/publications/atom-terms/1.0/conference-proceeding | en_US |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
BlindAttacksMachineLearners.pdf | 235.68 kB | Adobe PDF | View/Download |
Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.