4.7 Article

On the Adversarial Robustness of Hypothesis Testing

期刊

IEEE TRANSACTIONS ON SIGNAL PROCESSING
卷 69, 期 -, 页码 515-530

出版社

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TSP.2020.3045206

关键词

Error probability; Testing; Robustness; Inference algorithms; Neural networks; Measurement; Random variables; Minimax problem; hypothesis testing; adversarial robustness

资金

  1. National Science Foundation [CCF-1 717 943, ECCS-1 711 468, CNS-1 824 553, CCF-1 908 258, ECCS-2 000 415]

向作者/读者索取更多资源

This paper investigates the adversarial robustness of hypothesis testing rules, where decision makers need to determine the underlying hypothesis of generated samples after being modified by an adversary. The study reveals that decision makers can design different decision rules to minimize error probability under different scenarios of whether the adversary is aware of the true underlying hypothesis.
In this paper, we investigate the adversarial robustness of hypothesis testing rules. In the considered model, after a sample is generated, it will be modified by an adversary before being observed by the decision maker. The decision maker needs to decide the underlying hypothesis that generates the sample from the adversarially-modified data. We formulate this problem as a minimax hypothesis testing problem, in which the goal of the adversary is to design attack strategy to maximize the error probability while the decision maker aims to design decision rules so as to minimize the error probability. We consider both hypothesis-aware case, in which the attacker knows the true underlying hypothesis, and hypothesis-unaware case, in which the attacker does not know the true underlying hypothesis. We solve this minimax problem and characterize the corresponding optimal strategies for both cases.

作者

我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。

评论

主要评分

4.7
评分不足

次要评分

新颖性
-
重要性
-
科学严谨性
-
评价这篇论文

推荐

暂无数据
暂无数据