Indiscriminate disruption of conditional inference on multivariate Gaussians.
Saved in:
| Title: | Indiscriminate disruption of conditional inference on multivariate Gaussians. |
|---|---|
| Authors: | Caballero, William N.1 (AUTHOR) william.caballero@afit.edu, LaRosa, Matthew2 (AUTHOR) matthew.larosa@duke.edu, Fisher, Alexander A.3 (AUTHOR) alexander.fisher@duke.edu, Tarokh, Vahid2 (AUTHOR) vahid.tarokh@duke.edu |
| Source: | European Journal of Operational Research. Nov2025, Vol. 327 Issue 1, p191-202. 12p. |
| Subjects: | Distribution (Probability theory), Machine learning, Inference (Logic), Decision making, Mathematical variables, Scientific observation, Quadratic programming |
| Abstract: | The multivariate Gaussian distribution underpins myriad operations-research, decision-analytic, and machine-learning models (e.g., Bayesian optimization, Gaussian influence diagrams, and variational autoencoders). However, despite recent advances in adversarial machine learning (AML), inference for Gaussian models in the presence of an adversary is notably understudied. Therefore, we consider a self-interested attacker who wishes to disrupt a decisionmaker's conditional inference and subsequent actions by corrupting a set of evidentiary variables. To avoid detection, the attacker also desires the attack to appear plausible wherein plausibility is determined by the density of the corrupted evidence. We consider white- and grey-box settings such that the attacker has complete and incomplete knowledge about the decisionmaker's underlying multivariate Gaussian distribution, respectively. Select instances are shown to reduce to quadratic and stochastic quadratic programs, and structural properties are derived to inform solution methods. We assess the impact and efficacy of these attacks in three examples, including, a real estate evaluation application, an interest rate prediction task, and the use of linear Gaussian state space models. Each example leverages an alternative underlying model, thereby highlighting the attacks' broad applicability. Through these applications, we also juxtapose the behavior of the white- and grey-box attacks to understand how uncertainty and structure affect attacker behavior. • Adversarial machine learning is adopted to a foundational statistical setting. • Multiple attacks are created under varied attacker information conditions. • Theoretical properties are derived to inform subsequent solution methods. • Computational testing is performed to compare and contrast attack efficacy. • Disparate case studies are performed to illustrate the attacks' broad applicability. [ABSTRACT FROM AUTHOR] |
| Copyright of European Journal of Operational Research is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
Be the first to leave a comment!
