Summary of Data Poisoning Attacks on Off-policy Policy Evaluation Methods, by Elita Lobo et al.
Data Poisoning Attacks on Off-Policy Policy Evaluation Methods
by Elita Lobo, Harvineet Singh, Marek Petrik, Cynthia Rudin, Himabindu Lakkaraju
First submitted to arxiv on: 6 Apr 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The proposed research investigates the vulnerability of Off-policy Evaluation (OPE) methods in high-stakes domains, such as healthcare, to adversarial threats to data quality. It explores the sensitivity of these methods to marginal perturbations and demonstrates that many existing OPE methods are prone to generating inaccurate value estimates even with small attacks. The study highlights the need for developing robust OPE methods that can withstand train-time data poisoning attacks. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary The research looks at how well Off-policy Evaluation (OPE) methods work in situations where we can’t test them, like healthcare, because it’s expensive or hard to do so. It wants to know if these methods are reliable when someone tries to cheat by changing the data a little bit. The study shows that many of these methods are not good at all and give wrong answers even with just a tiny bit of cheating. This means we need to make better OPE methods that can handle this kind of attack. |
