Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Robust Decision Aggregation with Adversarial Experts

Yongkang Guo, Yuqing Kong

TL;DR

This work develops a robust, minimax framework for aggregating reports from truthful and adversarial experts in binary and multi-state settings. It establishes that under L1 loss the $k$-truncated mean is optimal for soft forecasts, with regret scaling linearly in the adversary ratio $\gamma$; under L2 loss the optimal soft aggregators are piecewise linear, and for hard decisions a randomized truncation rule (random dictator) is optimal. The theory yields closed-form solutions in the adversarial L2 setting for small $\gamma$, including a hard sigmoid with separators at $\{k,n-k\}$, and extends to the multi-state case via a $k$-ignorance random dictator. Numerical experiments on CIFAR-10 ensemble classification confirm practical gains over majority voting and averaging, and the results reveal how adversaries qualitatively alter optimal aggregation rules. The paper also highlights limitations in the general information-structure setting, offering negative results and outlining directions for future work in forecast aggregation and broader information spaces.

Abstract

We consider a robust aggregation problem in the presence of both truthful and adversarial experts. The truthful experts will report their private signals truthfully, while the adversarial experts can report arbitrarily. We assume experts are marginally symmetric in the sense that they share the same common prior and marginal posteriors. The rule maker needs to design an aggregator to predict the true world state from these experts' reports, without knowledge of the underlying information structures or adversarial strategies. We aim to find the optimal aggregator that outputs a forecast minimizing regret under the worst information structure and adversarial strategies. The regret is defined by the difference in expected loss between the aggregator and a benchmark who aggregates optimally given the information structure and reports of truthful experts. We focus on binary states and reports. Under L1 loss, we show that the truncated mean aggregator is optimal. When there are at most k adversaries, this aggregator discards the k lowest and highest reported values and averages the remaining ones. For L2 loss, the optimal aggregators are piecewise linear functions. All the optimalities hold when the ratio of adversaries is bounded above by a value determined by the experts' priors and posteriors. The regret only depends on the ratio of adversaries, not on their total number. For hard aggregators that output a decision, we prove that a random version of the truncated mean is optimal for both L1 and L2. This aggregator randomly follows a remaining value after discarding the $k$ lowest and highest reported values. We extend the hard aggregator to multi-state setting. We evaluate our aggregators numerically in an ensemble learning task. We also obtain negative results for general adversarial aggregation problems under broader information structures and report spaces.

Robust Decision Aggregation with Adversarial Experts

TL;DR

This work develops a robust, minimax framework for aggregating reports from truthful and adversarial experts in binary and multi-state settings. It establishes that under L1 loss the -truncated mean is optimal for soft forecasts, with regret scaling linearly in the adversary ratio ; under L2 loss the optimal soft aggregators are piecewise linear, and for hard decisions a randomized truncation rule (random dictator) is optimal. The theory yields closed-form solutions in the adversarial L2 setting for small , including a hard sigmoid with separators at , and extends to the multi-state case via a -ignorance random dictator. Numerical experiments on CIFAR-10 ensemble classification confirm practical gains over majority voting and averaging, and the results reveal how adversaries qualitatively alter optimal aggregation rules. The paper also highlights limitations in the general information-structure setting, offering negative results and outlining directions for future work in forecast aggregation and broader information spaces.

Abstract

We consider a robust aggregation problem in the presence of both truthful and adversarial experts. The truthful experts will report their private signals truthfully, while the adversarial experts can report arbitrarily. We assume experts are marginally symmetric in the sense that they share the same common prior and marginal posteriors. The rule maker needs to design an aggregator to predict the true world state from these experts' reports, without knowledge of the underlying information structures or adversarial strategies. We aim to find the optimal aggregator that outputs a forecast minimizing regret under the worst information structure and adversarial strategies. The regret is defined by the difference in expected loss between the aggregator and a benchmark who aggregates optimally given the information structure and reports of truthful experts. We focus on binary states and reports. Under L1 loss, we show that the truncated mean aggregator is optimal. When there are at most k adversaries, this aggregator discards the k lowest and highest reported values and averages the remaining ones. For L2 loss, the optimal aggregators are piecewise linear functions. All the optimalities hold when the ratio of adversaries is bounded above by a value determined by the experts' priors and posteriors. The regret only depends on the ratio of adversaries, not on their total number. For hard aggregators that output a decision, we prove that a random version of the truncated mean is optimal for both L1 and L2. This aggregator randomly follows a remaining value after discarding the lowest and highest reported values. We extend the hard aggregator to multi-state setting. We evaluate our aggregators numerically in an ensemble learning task. We also obtain negative results for general adversarial aggregation problems under broader information structures and report spaces.
Paper Structure (48 sections, 20 theorems, 45 equations, 5 figures, 1 table)

This paper contains 48 sections, 20 theorems, 45 equations, 5 figures, 1 table.

Table of Contents

  1. Introduction
  2. Summary of Results
  3. Theoretical Results
  4. Numerical Results
  5. Extension
  6. Related Work
  7. Robust Information Aggregation
  8. Adversarial Information Aggregation
  9. Robust Ensemble Learning
  10. Problem Statement
  11. Robust Aggregation Paradigm
  12. Theoretical Results
  13. L1 loss
  14. Proof Sketch
  15. If the Number of Adversaries $k$ is Unknown
  16. ...and 33 more sections

Key Result

Theorem 4.2

Let $\bar{\mu}=1-\mu$. When , the $k$-truncated mean is optimal under the L1 loss. Recall that $\mu$ is the prior, $a=\Pr[s_i=H|\omega=1]$ and $b=\Pr[s_i=H|\omega=0]$. Moreover, the regret is

Figures (5)

  • Figure 1: Illustration of optimal soft aggregators for binary aggregation.
  • Figure 2: Illustration for the regret under non-adversarial setting, L2 loss. We fix $\mu=0.5$ and vary the number of experts. The parameters $a,b$ are shown in the legend.
  • Figure 3: The performance of different aggregators under different adversarial strategies. The x-axis is the number of adversaries we add. The number of truthful experts is 100. The y-axis is the regret.
  • Figure 4: The accuracy of different aggregators under extreme strategy. The x-axis is the number of adversaries we added to experts. The number of truthful experts is 100. The y-axis is the accuracy.
  • Figure 5: The performance of different aggregators under different adversarial strategies. The x-axis is the number of adversaries we added to experts. The number of truthful experts is 100. The y-axis is the regret.

Theorems & Definitions (30)

  • Definition 4.1: $k$-truncated mean
  • Theorem 4.2
  • Lemma 4.3
  • Lemma 4.4
  • Lemma 4.5
  • Theorem 4.6
  • Lemma 4.7
  • Theorem 4.8
  • Example 4.9: Examples of the Non-adversarial Setting
  • Definition 5.1: $k$-ignorance random dictator
  • ...and 20 more