Speaker: William N. Caballero, Maj, USAF, PhD
Title: Indiscriminate Disruption of Conditional Inference on Multivariate Gaussians
Abstract:
The multivariate Gaussian distribution is a fundamental probabilistic model. It underpins numerous machine learning methods (e.g., Bayesian optimization and Gaussian Bayesian networks) and is commonly used in myriad academic disciplines (e.g., biology and economics). However, given recent advances in adversarial machine learning, it is important to revisit the effects a malicious actor may have on inferences derived from a multivariate Gaussian. Therefore, within this research, we consider a self-interested attacker who wishes to maximally disrupt a decision-maker's conditional inference by corrupting a set of evidentiary variables. However, to avoid detection, the attacker also wishes for the attack to appear plausible wherein such plausibility is determined by the density of the corrupted evidence. We consider both a white-box and grey-box setting such that the attacker has complete and incomplete knowledge about the decision-maker’s multivariate Gaussian distribution, respectively. The problems are shown to reduce to quadratic and stochastic quadratic programs when attacks are constrained to a polyhedral set. We derive proofs that explore the problems' structure and that inform requisite solution methods as well. Computational testing is provided to showcase the impacts of these attacks on multiple, realistic case studies.
Note: Seminars are free and open to the public. Reception to follow.
