Robust Nonparametric Regression under Poisoning Attack. (arXiv:2305.16771v1 [math.ST])
Source: cs.CR updates on arXiv.org (arxiv.org)
This paper studies robust nonparametric regression, in which an adversarial
attacker can modify the values of up to $q$ samples from a training dataset of
size $N$. Our initial solution is an M-estimator based on Huber loss
minimization. Compared with simple kernel regression, i.e. the Nadaraya-Watson
estimator, this method can significantly weaken the impact of malicious samples
on the regression performance. We provide the convergence rate as well as the
corresponding minimax lower bound. The result shows that, with proper …
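
The comparison the abstract draws, as an added example (not code from the paper): a kernel-weighted Huber M-estimator next to the Nadaraya-Watson estimator on data where $q$ response values have been overwritten. The Gaussian kernel, bandwidth, Huber threshold, target function and attack pattern are assumptions chosen for the demonstration; the paper's exact estimator and tuning may differ.

```python
import math
import random

def kernel_weights(x0, xs, h):
    # Gaussian kernel weights K((x_i - x0) / h); kernel choice is an assumption
    return [math.exp(-0.5 * ((x - x0) / h) ** 2) for x in xs]

def nadaraya_watson(x0, xs, ys, h):
    # Plain kernel regression: kernel-weighted mean of the responses
    w = kernel_weights(x0, xs, h)
    return sum(wi * yi for wi, yi in zip(w, ys)) / sum(w)

def huber_kernel(x0, xs, ys, h, delta=0.5, iters=200):
    # argmin_a sum_i K_i * huber_delta(y_i - a), solved by iteratively
    # reweighted least squares; the objective is convex in a.
    w = kernel_weights(x0, xs, h)
    a = nadaraya_watson(x0, xs, ys, h)
    for _ in range(iters):
        # Huber weight: 1 while |residual| <= delta, delta/|residual| beyond it
        rw = [wi * min(1.0, delta / max(abs(yi - a), 1e-12))
              for wi, yi in zip(w, ys)]
        a_new = sum(r * yi for r, yi in zip(rw, ys)) / sum(rw)
        if abs(a_new - a) < 1e-10:
            return a_new
        a = a_new
    return a

def run_demo(n=400, q=20, h=0.1, x0=0.5, seed=0):
    rng = random.Random(seed)
    f = lambda x: math.sin(2 * math.pi * x)  # constructed ground truth
    xs = [rng.random() for _ in range(n)]
    ys = [f(x) + rng.gauss(0, 0.1) for x in xs]
    # Constructed poisoning: overwrite the q responses closest to x0 with +20
    nearest = sorted(range(n), key=lambda i: abs(xs[i] - x0))[:q]
    poisoned = list(ys)
    for i in nearest:
        poisoned[i] = 20.0
    return {
        "nw_clean": abs(nadaraya_watson(x0, xs, ys, h) - f(x0)),
        "huber_clean": abs(huber_kernel(x0, xs, ys, h) - f(x0)),
        "nw_poisoned": abs(nadaraya_watson(x0, xs, poisoned, h) - f(x0)),
        "huber_poisoned": abs(huber_kernel(x0, xs, poisoned, h) - f(x0)),
    }

if __name__ == "__main__":
    for name, err in run_demo().items():
        print(f"{name:15s} abs error = {err:.3f}")
```

The Huber estimate still moves under attack, because each poisoned sample keeps a bounded pull of size `delta` times its kernel weight; the loss limits the damage rather than removing it.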