β Scribed by Fuwei Li, Lifeng Lai, Shuguang Cui
No coin nor oath required. For personal study only.
This book demonstratesΒ the optimal adversarial attacks against several important signal processing algorithms.Β Through presenting the optimal attacks in wireless sensor networks, array signal processing, principal component analysis, etc, the authors reveal the robustness of the signal processing algorithms against adversarial attacks. Since data quality is crucial in signal processing, the adversary that can poison the data will be a significant threat to signal processing. Therefore, it is necessary and urgent to investigate the behavior of machine learning algorithms in signal processing under adversarial attacks.
The authors in this book mainly examine the adversarial robustness of three commonly used machine learning algorithms in signal processing respectively: linear regression, LASSO-based feature selection, and principal component analysis (PCA). As to linear regression, the authors derive the optimal poisoning data sample and the optimal feature modifications, and also demonstrate the effectiveness of the attack against a wireless distributed learning system. The authors further extend the linear regression to LASSO-based feature selection and study the best strategy to mislead the learning system to select the wrong features. The authors find the optimal attack strategy by solving a bi-level optimization problem and also illustrate how this attack influences array signal processing and weather data analysis. In the end, the authors consider the adversarial robustness of the subspace learning problem. The authors examine the optimal modification strategy under the energy constraints to delude the PCA-based subspace learning algorithm.
This book targets researchers working in machine learning, electronic information, and information theory as well as advanced-level students studying these subjects. R&D engineers who are working in machine learning, adversarial machine learning, robust machine learning, and technical consultants working on the security and robustness of machine learning are likely to purchase this book as a reference guide.
Contents
1 Introduction
1.1 Adversarial Machine Learning
1.2 Adversarial Attack Against Linear Regression
1.3 Adversarial Attack Against LASSO Based Feature Selection
1.4 Adversarial Attack Against Subspace Learning
2 Optimal Feature Manipulation Attacks Against Linear Regression
2.1 Attacking with One Adversarial Data Point
2.1.1 Problem Formulation
2.1.2 Attacking One Regression Coefficient
2.1.3 Attacking with Small Changes of Other Regression Coefficients
2.2 Rank-One Attack Analysis
2.3 Applications
2.3.1 Data Poisoning Attack Against Wireless Sensor Networks
2.3.2 Adversarial Attack Against Stock Exchange Data Analysis
2.3.2.1 Attacking One Specific Regression Coefficient
2.3.2.2 Attacking Without Changing Untargeted Regression Coefficients
2.3.2.3 Rank-One Feature Matrix Attack
2.3.3 Adversarial Attack Against Wine Data Analysis
2.4 Summary
3 On the Adversarial Robustness of LASSO Based Feature Selection
3.1 Problem Formulation
3.2 Algorithm
3.3 Adversarial Attacks Against Group LASSO and Sparse Group LASSO
3.3.1 Adversarial Attacks Against Group LASSO
3.3.2 Adversarial Attacks Against Sparse Group LASSO
3.4 Applications
3.4.1 Adversarial Attack Against LASSO-Based Feature Selection System
3.4.2 Adversarial Attack Against Wireless Array Signal Processing
3.4.3 Adversarial Attack Against Weather Data Analysis
3.5 Summary
4 On the Adversarial Robustness of Subspace Learning
4.1 Problem Formulation
4.2 Optimal Rank-One Adversarial Strategy
4.2.1 Case with k=rank(X)
4.2.1.1 Full-Rank Case
4.2.1.2 Low-Rank Case
4.2.2 Case with k<rank(X)
4.3 Optimal Adversarial Strategy without the Rank Constraint
4.4 Applications
4.4.1 Adversarial Attack Against Subspace Learning
4.4.2 Adversarial Attack Against Principal Component Regression
4.5 Summary
5 Summary and Extensions
5.1 Summary
5.2 Extensions
5.2.1 The Defence Strategy
A Appendix
A.1 Lasserre's Relaxation Method
A.2 Poof of the Equivalence of Problem (4.9) and Problem (4.10)
A.3 Proof of Theorem 4.1
A.4 Proof of Theorem 4.2
A.5 Proof of Theorem 4.3
A.6 Proof of Theorem 4.4
A.7 Connection Between Asimov Distance and PCR Problem
References
π SIMILAR VOLUMES
M L Algorithms (2022) [Li et al] [9783031163753]
<span>Adversarial Robustness for Machine Learning summarizes the recent progress on this topic and introduces popular algorithms on adversarial attack, defense and verification. Sections cover adversarial attack, verification and defense, mainly focusing on image classification applications which ar
<p><span>Enables readers to understand the fundamental concepts of machine and deep learning techniques with interactive, real-life applications within signal and image processing</span></p><p><span>Machine Learning Algorithms for Signal and Image Processing</span><span> aids the reader in designing
This first volume, edited and authored by world leading experts, gives a review of the principles, methods and techniques of important and emerging research topics and technologies in machine learning and advanced signal processing theory.
This book describes in detail the fundamental mathematics and algorithms of machine learning (an example of artificial intelligence) and signal processing, two of the most important and exciting technologies in the modern information economy. Taking a gradual approach, it builds up concepts in a sol