Robust linear regression against training data poisoning

Chang Liu; Bo Li; Yevgeniy Vorobeychik; Alina Oprea

doi:10.1145/3128572.3140447

Robust linear regression against training data poisoning

Chang Liu, Bo Li, Yevgeniy Vorobeychik, Alina Oprea

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The effectiveness of supervised learning techniques has made them ubiquitous in research and practice. In high-dimensional settings, supervised learning commonly relies on dimensionality reduction to improve performance and identify the most important factors in predicting outcomes. However, the economic importance of learning has made it a natural target for adversarial manipulation of training data, which we term poisoning attacks. Prior approaches to dealing with robust supervised learning rely on strong assumptions about the nature of the feature matrix, such as feature independence and sub-Gaussian noise with low variance. We propose an integrated method for robust regression that relaxes these assumptions, assuming only that the feature matrix can be well approximated by a low-rank matrix. Our techniques integrate improved robust low-rank matrix approximation and robust principle component regression, and yield strong performance guarantees. Moreover, we experimentally show that our methods significantly outperform state-of-the-art robust regression both in running time and prediction error.

Original language	English (US)
Title of host publication	AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017
Publisher	Association for Computing Machinery, Inc
Pages	91-102
Number of pages	12
ISBN (Electronic)	9781450352024
DOIs	https://doi.org/10.1145/3128572.3140447
State	Published - Nov 3 2017
Externally published	Yes
Event	10th ACM Workshop on Artificial Intelligence and Security, AISec 2017 - Dallas, United States Duration: Nov 3 2017 → …

Publication series

Name	AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017

Other

Other	10th ACM Workshop on Artificial Intelligence and Security, AISec 2017
Country	United States
City	Dallas
Period	11/3/17 → …

ASJC Scopus subject areas

Artificial Intelligence

Access to Document

10.1145/3128572.3140447

Fingerprint Dive into the research topics of 'Robust linear regression against training data poisoning'. Together they form a unique fingerprint.

Cite this

Liu, C., Li, B., Vorobeychik, Y., & Oprea, A. (2017). Robust linear regression against training data poisoning. In AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017 (pp. 91-102). (AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017). Association for Computing Machinery, Inc. https://doi.org/10.1145/3128572.3140447

Robust linear regression against training data poisoning. / Liu, Chang; Li, Bo; Vorobeychik, Yevgeniy; Oprea, Alina.

AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. p. 91-102 (AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Liu, C, Li, B, Vorobeychik, Y & Oprea, A 2017, Robust linear regression against training data poisoning. in AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017. AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017, Association for Computing Machinery, Inc, pp. 91-102, 10th ACM Workshop on Artificial Intelligence and Security, AISec 2017, Dallas, United States, 11/3/17. https://doi.org/10.1145/3128572.3140447

Liu C, Li B, Vorobeychik Y, Oprea A. Robust linear regression against training data poisoning. In AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017. Association for Computing Machinery, Inc. 2017. p. 91-102. (AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017). https://doi.org/10.1145/3128572.3140447

Liu, Chang ; Li, Bo ; Vorobeychik, Yevgeniy ; Oprea, Alina. / Robust linear regression against training data poisoning. AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. pp. 91-102 (AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017).

@inproceedings{8370dcc34fd6437093bf93ef8bc0120e,

title = "Robust linear regression against training data poisoning",

abstract = "The effectiveness of supervised learning techniques has made them ubiquitous in research and practice. In high-dimensional settings, supervised learning commonly relies on dimensionality reduction to improve performance and identify the most important factors in predicting outcomes. However, the economic importance of learning has made it a natural target for adversarial manipulation of training data, which we term poisoning attacks. Prior approaches to dealing with robust supervised learning rely on strong assumptions about the nature of the feature matrix, such as feature independence and sub-Gaussian noise with low variance. We propose an integrated method for robust regression that relaxes these assumptions, assuming only that the feature matrix can be well approximated by a low-rank matrix. Our techniques integrate improved robust low-rank matrix approximation and robust principle component regression, and yield strong performance guarantees. Moreover, we experimentally show that our methods significantly outperform state-of-the-art robust regression both in running time and prediction error.",

author = "Chang Liu and Bo Li and Yevgeniy Vorobeychik and Alina Oprea",

year = "2017",

month = nov,

day = "3",

doi = "10.1145/3128572.3140447",

language = "English (US)",

series = "AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017",

publisher = "Association for Computing Machinery, Inc",

pages = "91--102",

booktitle = "AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017",

note = "10th ACM Workshop on Artificial Intelligence and Security, AISec 2017 ; Conference date: 03-11-2017",

}

TY - GEN

T1 - Robust linear regression against training data poisoning

AU - Liu, Chang

AU - Li, Bo

AU - Vorobeychik, Yevgeniy

AU - Oprea, Alina

PY - 2017/11/3

Y1 - 2017/11/3

N2 - The effectiveness of supervised learning techniques has made them ubiquitous in research and practice. In high-dimensional settings, supervised learning commonly relies on dimensionality reduction to improve performance and identify the most important factors in predicting outcomes. However, the economic importance of learning has made it a natural target for adversarial manipulation of training data, which we term poisoning attacks. Prior approaches to dealing with robust supervised learning rely on strong assumptions about the nature of the feature matrix, such as feature independence and sub-Gaussian noise with low variance. We propose an integrated method for robust regression that relaxes these assumptions, assuming only that the feature matrix can be well approximated by a low-rank matrix. Our techniques integrate improved robust low-rank matrix approximation and robust principle component regression, and yield strong performance guarantees. Moreover, we experimentally show that our methods significantly outperform state-of-the-art robust regression both in running time and prediction error.

AB - The effectiveness of supervised learning techniques has made them ubiquitous in research and practice. In high-dimensional settings, supervised learning commonly relies on dimensionality reduction to improve performance and identify the most important factors in predicting outcomes. However, the economic importance of learning has made it a natural target for adversarial manipulation of training data, which we term poisoning attacks. Prior approaches to dealing with robust supervised learning rely on strong assumptions about the nature of the feature matrix, such as feature independence and sub-Gaussian noise with low variance. We propose an integrated method for robust regression that relaxes these assumptions, assuming only that the feature matrix can be well approximated by a low-rank matrix. Our techniques integrate improved robust low-rank matrix approximation and robust principle component regression, and yield strong performance guarantees. Moreover, we experimentally show that our methods significantly outperform state-of-the-art robust regression both in running time and prediction error.

UR - http://www.scopus.com/inward/record.url?scp=85037366729&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85037366729&partnerID=8YFLogxK

U2 - 10.1145/3128572.3140447

DO - 10.1145/3128572.3140447

M3 - Conference contribution

AN - SCOPUS:85037366729

T3 - AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017

SP - 91

EP - 102

BT - AISec 2017 - Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2017

PB - Association for Computing Machinery, Inc

T2 - 10th ACM Workshop on Artificial Intelligence and Security, AISec 2017

Y2 - 3 November 2017

ER -