sever a robust meta algorithm for stochastic optimization
play

Sever: A Robust Meta-Algorithm for Stochastic Optimization Ilias - PowerPoint PPT Presentation

Dec 18, 2023 •204 likes •402 views

Sever: A Robust Meta-Algorithm for Stochastic Optimization Ilias Diakonikolas 1 , Gautam Kamath 2 , Daniel M. Kane 3 , Jerry Li 4 , Jacob Steinhardt 5 , Alistair Stewart 1 (alphabetical order) 1 USC 2 Waterloo 3 UCSD 4 MSR AI 5 Berkeley DEFENDING

  1. Sever: A Robust Meta-Algorithm for Stochastic Optimization Ilias Diakonikolas 1 , Gautam Kamath 2 , Daniel M. Kane 3 , Jerry Li 4 , Jacob Steinhardt 5 , Alistair Stewart 1 (alphabetical order) 1 USC 2 Waterloo 3 UCSD 4 MSR AI 5 Berkeley

  2. DEFENDING AGAINST DATA POISONING Main question: can you learn a good classifier from poisoned training data?

  3. DEFENDING AGAINST DATA POISONING Main question: can you learn a good classifier from poisoned training data? Given a labeled training set, where an (unknown) 𝜁 -fraction of them are adversarially corrupted, can we learn a model which achieves good accuracy on a clean test set?

  4. DEFENDING AGAINST DATA POISONING Main question: can you learn a good classifier from poisoned training data? Example: Training an SVM with 3% poisoned data

  5. DEFENDING AGAINST DATA POISONING Main question: can you learn a good classifier from poisoned training data? Example: Training an SVM with 3% poisoned data [Koh-Steinhardt-Liang ’18] Against known defenses, the test error can go up to 30%!

  6. DEFENDING AGAINST DATA POISONING Main question: can you learn a good classifier from poisoned training data? Example: Training an SVM with 3% poisoned data Lots of work on related problems: [Barreno-Nelson-Joseph-Tygar’10,Nasrabadi-Tran-Nguyen’11, Biggio-Nelson-Laskov’12, Nguyen-Tran’13, Newell-Potharaju- Xiang-Nita-Rotaru’14, Bhatia-Jain-Kar’15, Diakonikolas- Kamath-Kane-L-Moitra-Stewart’16, Bhatia-Jain-Kamalaruban- Kar’17, Balakrishnan-Du-L-Singh’17, Charikar-Steinhardt- Valiant’17, Steinhardt-Koh-Liang’17, Koh-Liang’17, Prasad- Suggala-Balakrishnan-Ravikumar’18, Diakonikolas-Kong- Stewart’18, Klivans-Kothari-Meka’18,Koh-Steinhardt- [Koh-Steinhardt-Liang ’18] Liang’18…] Against known defenses, the test error can go up to 30%!

  7. OUR RESULTS We present a framework for robust stochastic optimization • Strong theoretical guarantees against strong adversarial models • Outperforms benchmark defenses on state-of-the-art data poisoning attacks • Works well in high dimensions • Works with black-box access to any learner for any stochastic optimization task

  8. SEVER Idea: Until termination: 1. train black box learner to find approximate minima of empirical risk on corrupted training set, 2. then run outlier detection method on the gradients of the loss functions at ERM to remove suspected outliers

  9. SEVER Idea: Until termination: 1. train black box learner to find approximate minima of empirical risk on corrupted training set, 2. then run outlier detection method on the gradients of the loss functions at ERM to remove suspected outliers Filter

  10. FILTERING AND ROBUST MEAN ESTIMATION How should we detect outliers from the gradients?

  11. FILTERING AND ROBUST MEAN ESTIMATION How should we detect outliers from the gradients? We exploit a novel connection to robust mean estimation

  12. FILTERING AND ROBUST MEAN ESTIMATION How should we detect outliers from the gradients? We exploit a novel connection to robust mean estimation Filtering [DKKLMS16, DKKLMS17]: Given a set of points 𝑌 # , … , 𝑌 & drawn from a “nice” distribution, but where an 𝜁 -fraction are corrupted, there is a linear time algorithm which either:

  13. FILTERING AND ROBUST MEAN ESTIMATION How should we detect outliers from the gradients? We exploit a novel connection to robust mean estimation Filtering [DKKLMS16, DKKLMS17]: Given a set of points 𝑌 # , … , 𝑌 & drawn from a “nice” distribution, but where an 𝜁 -fraction are corrupted, there is a linear time algorithm which either: 1. Certifies that the true mean is close to the empirical mean of the corrupted dataset

  14. FILTERING AND ROBUST MEAN ESTIMATION How should we detect outliers from the gradients? We exploit a novel connection to robust mean estimation Filtering [DKKLMS16, DKKLMS17]: Given a set of points 𝑌 # , … , 𝑌 & drawn from a “nice” distribution, but where an 𝜁 -fraction are corrupted, there is a linear time algorithm which either: 1. Certifies that the true mean is close to the empirical mean of the corrupted dataset 2. Removes more bad points than good points

  15. FILTERING AND ROBUST MEAN ESTIMATION How should we detect outliers from the gradients? We exploit a novel connection to robust mean estimation Filtering [DKKLMS16, DKKLMS17]: Given a set of points 𝑌 # , … , 𝑌 & drawn from a “nice” distribution, but where an 𝜁 -fraction are corrupted, there is a linear time algorithm which either: 1. Certifies that the true gradient of the loss function is close to 0 2. Removes more bad points than good points

  16. GUARANTEES Theorem (informal) : Suppose we have a distribution 𝒠 ≼ 𝜏 1 𝐽 . Suppose over convex functions 𝑔 , and Cov 𝛼𝑔 𝜄 we have 𝑔 & (𝜄) drawn from 𝒠 , where 𝜁 -fraction # (𝜄), 𝑔 1 (𝜄), … , 𝑔 of them are adversarial. Under mild assumptions on 𝒠 , then 5 so that w.h.p. given enough samples, SEVER outputs a 𝜄 5) − min 𝜏 1 𝜁 . 𝑔̅(𝜄 ; 𝑔 𝜄 < 𝑃 Can also give results for non-convex objectives Sample complexity / runtime are polynomial but not super tight For GLMs (e.g. SVM, regression), we obtain tight(er) bounds

  17. EMPIRICAL EVALUATION: REGRESSION

  18. EMPIRICAL EVALUATION: SVM

  19. CONCLUSIONS Main question: can you learn a good classifier from poisoned data? Sever is a meta-algorithm for robust stochastic optimization Filter Based on connections to robust mean estimation Interested? See poster #143 this evening!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Meta-optimization of Quantum-Inspired Evolutionary Algorithm Robert Nowotniak, Jacek Kucharski

Meta-optimization of Quantum-Inspired Evolutionary Algorithm Robert Nowotniak, Jacek Kucharski

Meta-optimization of Quantum-Inspired Evolutionary Algorithm Meta-optimization of Quantum-Inspired Evolutionary Algorithm Robert Nowotniak, Jacek Kucharski Computer Engineering Department Technical University of Lodz L od z,

678 views • 25 slides
Consistency of Intertemporal Decisions: Approaches through Robust and Stochastic Optimization.

Consistency of Intertemporal Decisions: Approaches through Robust and Stochastic Optimization.

Consistency of Intertemporal Decisions: Approaches through Robust and Stochastic Optimization. Jorge R. Vera Dept. Ingenier a Industrial y de Sistemas Pontificia Universidad Cat olica de Chile ADGO Workshop, January 2016 J. Vera (PUC)

1.62k views • 130 slides
Distributionally Robust Stochastic Optimization and Learning Models/Algorithms for Data-Driven

Distributionally Robust Stochastic Optimization and Learning Models/Algorithms for Data-Driven

Distributionally Robust Stochastic Optimization and Learning Models/Algorithms for Data-Driven Optimization and Learning Yinyu Ye 1 Department of Management Science and Engineering Institute of Computational and Mathematical Engineering

1.02k views • 91 slides
Performance Evaluation of Bat Algorithm to Solve Deterministic and Stochastic Optimization

Performance Evaluation of Bat Algorithm to Solve Deterministic and Stochastic Optimization

Introduction Implementation Details Results and Discussion Performance Evaluation of Bat Algorithm to Solve Deterministic and Stochastic Optimization Problems Ratnaji Vanga, Manu K. Gupta and J. Venkateswaran Industrial Engineering and

578 views • 21 slides
Stochastic optimization and sparse statistical recovery: An optimal algorithm for high dimensions

Stochastic optimization and sparse statistical recovery: An optimal algorithm for high dimensions

Stochastic optimization and sparse statistical recovery: An optimal algorithm for high dimensions Alekh Agarwal Microsoft Research Joint work with Sahand Negahban and Martin Wainwright Workshop on Optimization and Statistical Learning 2013, Les

695 views • 42 slides
Stochastic Search for Signal Processing Algorithm Optimization Bryan Singer and Manuela Veloso

Stochastic Search for Signal Processing Algorithm Optimization Bryan Singer and Manuela Veloso

Stochastic Search for Signal Processing Algorithm Optimization Bryan Singer and Manuela Veloso Computer Science Department Carnegie Mellon University, Pittsburgh Liat Ben-Haim, November 16th 2011 Overview Genetic algorithm Signal

555 views • 28 slides
Overview of the Stochastic Gradient Method December 02, 2020 P. Carpentier Master Optimization

Overview of the Stochastic Gradient Method December 02, 2020 P. Carpentier Master Optimization

Stochastic Gradient Algorithm Connexion with Stochastic Approximation Asymptotic Efficiency and Averaging Practical Considerations Overview of the Stochastic Gradient Method December 02, 2020 P. Carpentier Master Optimization Stochastic

338 views • 33 slides
Stochastic Optimization and Discretization January 06, 2021 P. Carpentier Master Optimization

Stochastic Optimization and Discretization January 06, 2021 P. Carpentier Master Optimization

Stochastic Programming: the Scenario Tree Method Stochastic Optimal Control and Discretization Puzzles A General Convergence Result Stochastic Optimization and Discretization January 06, 2021 P. Carpentier Master Optimization Stochastic

1.04k views • 59 slides
Using Meta Learning to Initialize Bayesian Optimization Albert-Ludwigs-Universitt Freiburg

Using Meta Learning to Initialize Bayesian Optimization Albert-Ludwigs-Universitt Freiburg

Using Meta Learning to Initialize Bayesian Optimization Albert-Ludwigs-Universitt Freiburg Matthias Feurer 1 Jost Tobias Springenberg 2 Frank Hutter 1 1 Research Group on Learning, Optimization, and Automated Algorithm Design 2 Machine Learning

852 views • 48 slides
Convergence of a Stochastic Gradient Method with Momentum for Non-Smooth Non-Convex Optimization

Convergence of a Stochastic Gradient Method with Momentum for Non-Smooth Non-Convex Optimization

Convergence of a Stochastic Gradient Method with Momentum for Non-Smooth Non-Convex Optimization Vien V. Mai and Mikael Johansson KTH - Royal Institute of Technology Stochastic optimization Stochastic optimization problem: minimize f ( x

381 views • 20 slides
Short Course in Supervised Learning Robust Optimization and Machine Learning Robust Supervised

Short Course in Supervised Learning Robust Optimization and Machine Learning Robust Supervised

Robust Optimization &amp; Machine Learning 6. Robust Optimization Short Course in Supervised Learning Robust Optimization and Machine Learning Robust Supervised Learning Motivations Examples Thresholding and robustness Boolean data

724 views • 48 slides
A deterministic algorithm for stochastic multistage problems or The problem-child algorithm

A deterministic algorithm for stochastic multistage problems or The problem-child algorithm

A deterministic algorithm for stochastic multistage problems or The problem-child algorithm Regan Baucke, Anthony Downward, Golbon Zakeri CERMICS, Ecole des Ponts ParisTech reganbaucke.github.io CMS and MMEI 2019 27 th March 2019 Stochastic

2.2k views • 156 slides
A Stochastic PCA Algorithm with an Exponential Convergence Rate Ohad Shamir Weizmann Institute

A Stochastic PCA Algorithm with an Exponential Convergence Rate Ohad Shamir Weizmann Institute

A Stochastic PCA Algorithm with an Exponential Convergence Rate Ohad Shamir Weizmann Institute of Science NIPS Optimization Workshop December 2014 Ohad Shamir Stochastic PCA with Exponential Convergence 1/19 Principal Component Analysis

567 views • 31 slides
Stochastic Online Optimization Jian Li Institute of Interdisciplinary Information Sciences

Stochastic Online Optimization Jian Li Institute of Interdisciplinary Information Sciences

CNCC 2016 Stochastic Online Optimization Jian Li Institute of Interdisciplinary Information Sciences Tsinghua University lijian83@mail.tsinghua.edu.cn Stochastic Online Optimization Stochastic Matching Stochastic Probing

648 views • 49 slides
Using stochastic control in robust portfolio selection Martin Schweizer Department of

Using stochastic control in robust portfolio selection Martin Schweizer Department of

Background The problem Results References And finally . . . Using stochastic control in robust portfolio selection Martin Schweizer Department of Mathematics ETH Z urich Stochastic Processes: Theory and Applications in honor of

454 views • 27 slides
Optimization-Based Meta-Learning CS 330 1 Course Reminders HW1 due next Weds (9/30). Project

Optimization-Based Meta-Learning CS 330 1 Course Reminders HW1 due next Weds (9/30). Project

Optimization-Based Meta-Learning CS 330 1 Course Reminders HW1 due next Weds (9/30). Project guidelines posted start forming groups &amp; formulating ideas. Guest lecture by Matt Johnson on Monday! 2 Plan for Today Recap - Meta-learning

1.43k views • 33 slides
Verified Calculation of Nonlinear Dynamics of Viscous Detonation Christopher M. Romick,

Verified Calculation of Nonlinear Dynamics of Viscous Detonation Christopher M. Romick,

Verified Calculation of Nonlinear Dynamics of Viscous Detonation Christopher M. Romick, University of Notre Dame, Notre Dame, IN Tariq D. Aslam, Los Alamos National Laboratory, Los Alamos, NM and Joseph M. Powers University of Notre Dame,

382 views • 26 slides
Duncan Stewart, PE Agenda 1. The Enterprise Scheduling Model Overview 2. Disadvantages of the

Duncan Stewart, PE Agenda 1. The Enterprise Scheduling Model Overview 2. Disadvantages of the

McDONOUGH BOLYARD PECK CONSTRUCTION ENGINEERING Enterprise Schedule Management in Support of Dynamic Construction Simulations Duncan Stewart, PE Agenda 1. The Enterprise Scheduling Model Overview 2. Disadvantages of the Traditional Paradigm

223 views • 19 slides
SBA and Programs to Know About First Wednesday Virtual Learning Series 2018 www.sba.gov 1

SBA and Programs to Know About First Wednesday Virtual Learning Series 2018 www.sba.gov 1

SBA and Programs to Know About First Wednesday Virtual Learning Series 2018 www.sba.gov 1 Hosts Chris Eischen, Procurement Center Representative SBA Office of Government Contracting, Area IV, Kansas City, MO christopher.eischen@sba.gov

1.07k views • 64 slides
Mobile Malware: Why the traditional AV paradigm is doomed, and how to use physics to detect

Mobile Malware: Why the traditional AV paradigm is doomed, and how to use physics to detect

Mobile Malware: Why the traditional AV paradigm is doomed, and how to use physics to detect physics to detect undesirable routines Guy Stewart VP Engineering Fatskunk Inc. The Malware Problem The Malware Problem Trojans, Rootkits, the

454 views • 18 slides
Solving large scale eigenvalue problems Lecture 10, May 2, 2018: More on Lanczos and Arnoldi

Solving large scale eigenvalue problems Lecture 10, May 2, 2018: More on Lanczos and Arnoldi

Solving large scale eigenvalue problems Solving large scale eigenvalue problems Lecture 10, May 2, 2018: More on Lanczos and Arnoldi http://people.inf.ethz.ch/arbenz/ewp/ Peter Arbenz Computer Science Department, ETH Z urich E-mail:

733 views • 25 slides
Miranda Stewart with Roger Wilkins and Troy Henderson 28 th March 2019 Inequality, Tax and

Miranda Stewart with Roger Wilkins and Troy Henderson 28 th March 2019 Inequality, Tax and

Miranda Stewart with Roger Wilkins and Troy Henderson 28 th March 2019 Inequality, Tax and Welfare Melbourne School of Government 1 Series: Talking About Economic Inequality Income inequality in Australia Gini coefficient for household

570 views • 9 slides
Gale-Stew a rt games and Blakw ell games Daisuk e Ik egami (Universit y of Califo

Gale-Stew a rt games and Blakw ell games Daisuk e Ik egami (Universit y of Califo

Gale-Stew a rt games and Blakw ell games Daisuk e Ik egami (Universit y of Califo rnia, Berk eley) 1st of Ma y , 2012 P erfet &amp; imp erfet info rmation fo r games P erfet info rmation: Pla y ers kno

662 views • 52 slides
Using Mixed Precision in Numerical Computations to Speedup Linear Algebra Solvers Jack Dongarra,

Using Mixed Precision in Numerical Computations to Speedup Linear Algebra Solvers Jack Dongarra,

Using Mixed Precision in Numerical Computations to Speedup Linear Algebra Solvers Jack Dongarra, UTK/ORNL/U Manchester Azzam Haidar, Nvidia Nick Higham, U of Manchester Stan Tomov, UTK Slides can be found: http://bit.ly/icerm-05-2020-dongarra

529 views • 36 slides

More recommend