Adversarial attacks on probabilistic autoregressive forecasting models

Raphaël Dang-Nhu; Gagandeep Singh; Pavol Bielik; Martin Vechev

Adversarial attacks on probabilistic autoregressive forecasting models

Raphaël Dang-Nhu, Gagandeep Singh, Pavol Bielik, Martin Vechev

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We develop an effective generation of adversarial attacks on neural models that output a sequence of probability distributions rather than a sequence of single values. This setting includes recently proposed deep probabilistic autoregressive forecasting models that estimate the probability distribution of a time series given its past and achieve state-of-the-art results in a diverse set of application domains. The key technical challenge we address is effectively differentiating through the Monte-Carlo estimation of statistics of the joint distribution of the output sequence. Additionally, we extend prior work on probabilistic forecasting to the Bayesian setting which allows conditioning on future observations, instead of only on past observations. We demonstrate that our approach can successfully generate attacks with small input perturbations in two challenging tasks where robust decision making is crucial - stock market trading and prediction of electricity consumption.

Original language	English (US)
Title of host publication	37th International Conference on Machine Learning, ICML 2020
Editors	Hal Daume, Aarti Singh
Publisher	International Machine Learning Society (IMLS)
Pages	2334-2343
Number of pages	10
ISBN (Electronic)	9781713821120
State	Published - 2020
Externally published	Yes
Event	37th International Conference on Machine Learning, ICML 2020 - Virtual, Online Duration: Jul 13 2020 → Jul 18 2020

Publication series

Name	37th International Conference on Machine Learning, ICML 2020
Volume	PartF168147-3

Conference

Conference	37th International Conference on Machine Learning, ICML 2020
City	Virtual, Online
Period	7/13/20 → 7/18/20

ASJC Scopus subject areas

Computational Theory and Mathematics
Human-Computer Interaction
Software

Library availability

Discover UIUC Full Text

Cite this

Dang-Nhu, R., Singh, G., Bielik, P., & Vechev, M. (2020). Adversarial attacks on probabilistic autoregressive forecasting models. In H. Daume, & A. Singh (Eds.), 37th International Conference on Machine Learning, ICML 2020 (pp. 2334-2343). (37th International Conference on Machine Learning, ICML 2020; Vol. PartF168147-3). International Machine Learning Society (IMLS).

Adversarial attacks on probabilistic autoregressive forecasting models. / Dang-Nhu, Raphaël; Singh, Gagandeep; Bielik, Pavol et al.

37th International Conference on Machine Learning, ICML 2020. ed. / Hal Daume; Aarti Singh. International Machine Learning Society (IMLS), 2020. p. 2334-2343 (37th International Conference on Machine Learning, ICML 2020; Vol. PartF168147-3).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Dang-Nhu, R, Singh, G, Bielik, P & Vechev, M 2020, Adversarial attacks on probabilistic autoregressive forecasting models. in H Daume & A Singh (eds), 37th International Conference on Machine Learning, ICML 2020. 37th International Conference on Machine Learning, ICML 2020, vol. PartF168147-3, International Machine Learning Society (IMLS), pp. 2334-2343, 37th International Conference on Machine Learning, ICML 2020, Virtual, Online, 7/13/20.

@inproceedings{8a98f0dccab3474093528bff1851ed41,

title = "Adversarial attacks on probabilistic autoregressive forecasting models",

abstract = "We develop an effective generation of adversarial attacks on neural models that output a sequence of probability distributions rather than a sequence of single values. This setting includes recently proposed deep probabilistic autoregressive forecasting models that estimate the probability distribution of a time series given its past and achieve state-of-the-art results in a diverse set of application domains. The key technical challenge we address is effectively differentiating through the Monte-Carlo estimation of statistics of the joint distribution of the output sequence. Additionally, we extend prior work on probabilistic forecasting to the Bayesian setting which allows conditioning on future observations, instead of only on past observations. We demonstrate that our approach can successfully generate attacks with small input perturbations in two challenging tasks where robust decision making is crucial - stock market trading and prediction of electricity consumption.",

author = "Rapha{\"e}l Dang-Nhu and Gagandeep Singh and Pavol Bielik and Martin Vechev",

note = "Publisher Copyright: {\textcopyright} 37th International Conference on Machine Learning, ICML 2020.; 37th International Conference on Machine Learning, ICML 2020 ; Conference date: 13-07-2020 Through 18-07-2020",

year = "2020",

language = "English (US)",

series = "37th International Conference on Machine Learning, ICML 2020",

publisher = "International Machine Learning Society (IMLS)",

pages = "2334--2343",

editor = "Hal Daume and Aarti Singh",

booktitle = "37th International Conference on Machine Learning, ICML 2020",

}

TY - GEN

T1 - Adversarial attacks on probabilistic autoregressive forecasting models

AU - Dang-Nhu, Raphaël

AU - Singh, Gagandeep

AU - Bielik, Pavol

AU - Vechev, Martin

PY - 2020

Y1 - 2020

N2 - We develop an effective generation of adversarial attacks on neural models that output a sequence of probability distributions rather than a sequence of single values. This setting includes recently proposed deep probabilistic autoregressive forecasting models that estimate the probability distribution of a time series given its past and achieve state-of-the-art results in a diverse set of application domains. The key technical challenge we address is effectively differentiating through the Monte-Carlo estimation of statistics of the joint distribution of the output sequence. Additionally, we extend prior work on probabilistic forecasting to the Bayesian setting which allows conditioning on future observations, instead of only on past observations. We demonstrate that our approach can successfully generate attacks with small input perturbations in two challenging tasks where robust decision making is crucial - stock market trading and prediction of electricity consumption.

AB - We develop an effective generation of adversarial attacks on neural models that output a sequence of probability distributions rather than a sequence of single values. This setting includes recently proposed deep probabilistic autoregressive forecasting models that estimate the probability distribution of a time series given its past and achieve state-of-the-art results in a diverse set of application domains. The key technical challenge we address is effectively differentiating through the Monte-Carlo estimation of statistics of the joint distribution of the output sequence. Additionally, we extend prior work on probabilistic forecasting to the Bayesian setting which allows conditioning on future observations, instead of only on past observations. We demonstrate that our approach can successfully generate attacks with small input perturbations in two challenging tasks where robust decision making is crucial - stock market trading and prediction of electricity consumption.

UR - http://www.scopus.com/inward/record.url?scp=85095476647&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85095476647&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:85095476647

T3 - 37th International Conference on Machine Learning, ICML 2020

SP - 2334

EP - 2343

BT - 37th International Conference on Machine Learning, ICML 2020

A2 - Daume, Hal

A2 - Singh, Aarti

PB - International Machine Learning Society (IMLS)

T2 - 37th International Conference on Machine Learning, ICML 2020

Y2 - 13 July 2020 through 18 July 2020

ER -

Adversarial attacks on probabilistic autoregressive forecasting models

Abstract

Publication series

Conference

ASJC Scopus subject areas

Library availability

Related links

Fingerprint

Cite this