Fair Representation Learning Vulnerability to Data Poisoning Attacks

Fair representation learning methods are vulnerable to data poisoning attacks, impacting model fairness.

Fair machine learning aims to address bias against demographic subgroups. Fair representation learning (FRL) with deep neural networks has shown promise. Data poisoning attacks on FRL are underexplored but pose a significant threat. Proposed data poisoning framework targets FRL models to induce unfair representations. Bilevel optimization is used to approximate the attack goal of maximizing mutual information. Theoretical analysis provides insights into defending against data poisoning attacks. Experimental results demonstrate the effectiveness of the proposed attack on benchmark datasets. Comparison with baseline attacks shows superiority of the proposed method. Sensitivity analysis of the elastic-net penalty in the attack. Identification of robust features in victims after the attack. Related work discusses fairness in machine learning and data poisoning attacks.

최근 연구에서 고령자 및 여성과 같은 인구 하위 그룹에 대한 모델 예측 편향을 완화하는 공정한 기계 학습을 추구합니다. 공정한 표현 학습(FRL)은 딥 뉴럴 네트워크로 훈련된 것으로 우수한 성능을 보여주었습니다. 데이터 독립성을 증진하기 위해 FRL에 대한 데이터 독립성을 증진하기 위한 최초의 데이터 독립성 공격 프레임워크를 제안합니다. 이 공격은 상당한 인구 정보를 포함하는 불공정한 표현을 유도하기 위해 모델을 유도합니다. 상호 정보량을 최대화하는 공격 목표를 근사화하기 위해 바이레벨 최적화를 사용합니다.

"Fair representation learning (FRL) with deep neural networks has attracted great attention." "This work proposes the first data poisoning framework attacking FRL." "Experiments on benchmark fairness datasets demonstrate the superiority of our attack."