Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Distributionally Robust Optimization with Adversarial Data Contamination

Shuyao Li, Ilias Diakonikolas, Jelena Diakonikolas

TL;DR

This work addresses learning under distributional shifts when training data may be adversarially contaminated, focusing on Wasserstein-1 DRO with convex Lipschitz losses and an ${\epsilon}$-fraction of corrupted samples. It introduces a principled modeling framework that separates pre-decision data contamination from post-decision shifts and provides an efficient primal-dual algorithm with provable guarantees, achieving an estimation error of ${O(\|w^*\|_2 \sigma \zeta \sqrt{\epsilon})}$ under a bounded-covariance assumption. The paper also shows how the DRO objective can be reformulated as a regularized risk ${\min_w} \mathbb{E}_{P_0}[\ell(w; x, y)] + \rho\zeta\|w\|_s$, and demonstrates robust mean-estimation based inexactness driving the algorithm, with a concrete application to SVMs yielding an ${O(\epsilon^{1/4})}$ error under anti-concentration. Overall, the results establish the first rigorous, computationally efficient guarantees for learning under simultaneous data contamination and distributional shifts, offering a principled path for robust deployment in real-world settings.

Abstract

Distributionally Robust Optimization (DRO) provides a framework for decision-making under distributional uncertainty, yet its effectiveness can be compromised by outliers in the training data. This paper introduces a principled approach to simultaneously address both challenges. We focus on optimizing Wasserstein-1 DRO objectives for generalized linear models with convex Lipschitz loss functions, where an $ε$-fraction of the training data is adversarially corrupted. Our primary contribution lies in a novel modeling framework that integrates robustness against training data contamination with robustness against distributional shifts, alongside an efficient algorithm inspired by robust statistics to solve the resulting optimization problem. We prove that our method achieves an estimation error of $O(\sqrtε)$ for the true DRO objective value using only the contaminated data under the bounded covariance assumption. This work establishes the first rigorous guarantees, supported by efficient computation, for learning under the dual challenges of data contamination and distributional shifts.

Distributionally Robust Optimization with Adversarial Data Contamination

TL;DR

This work addresses learning under distributional shifts when training data may be adversarially contaminated, focusing on Wasserstein-1 DRO with convex Lipschitz losses and an -fraction of corrupted samples. It introduces a principled modeling framework that separates pre-decision data contamination from post-decision shifts and provides an efficient primal-dual algorithm with provable guarantees, achieving an estimation error of under a bounded-covariance assumption. The paper also shows how the DRO objective can be reformulated as a regularized risk , and demonstrates robust mean-estimation based inexactness driving the algorithm, with a concrete application to SVMs yielding an error under anti-concentration. Overall, the results establish the first rigorous, computationally efficient guarantees for learning under simultaneous data contamination and distributional shifts, offering a principled path for robust deployment in real-world settings.

Abstract

Distributionally Robust Optimization (DRO) provides a framework for decision-making under distributional uncertainty, yet its effectiveness can be compromised by outliers in the training data. This paper introduces a principled approach to simultaneously address both challenges. We focus on optimizing Wasserstein-1 DRO objectives for generalized linear models with convex Lipschitz loss functions, where an -fraction of the training data is adversarially corrupted. Our primary contribution lies in a novel modeling framework that integrates robustness against training data contamination with robustness against distributional shifts, alongside an efficient algorithm inspired by robust statistics to solve the resulting optimization problem. We prove that our method achieves an estimation error of for the true DRO objective value using only the contaminated data under the bounded covariance assumption. This work establishes the first rigorous guarantees, supported by efficient computation, for learning under the dual challenges of data contamination and distributional shifts.

Paper Structure

This paper contains 31 sections, 13 theorems, 71 equations, 1 figure, 1 table, 4 algorithms.

Table of Contents

  1. Introduction
  2. Technical Overview
  3. Modeling DRO with Adversarial Training Data Contamination
  4. Formulating and Solving DRO with Adversarial Training Data Contamination
  5. Preliminaries
  6. Optimization
  7. Robust mean estimation
  8. Data-contaminated DRO: Modeling Principles and Problem Formulation
  9. Modeling Principles
  10. Related Models
  11. Equivalent DRO Reformulation
  12. Inexact Hybrid Gradient Oracle
  13. Algorithm and Analysis
  14. Application to SVMs: Removing Dependence on the Optimal Solution Norm
  15. Tuning the Step Size Parameter
  16. ...and 16 more sections

Key Result

Theorem 1.2

Suppose the loss function $\ell({\bm{w}}; {\bm{x}}, y)$ takes the form of $\phi({\bm{w}} \cdot {\bm{x}}, y)$ for some convex function $\phi$ that is $\zeta$-Lipschitz in the first coordinate for all $y$. There is a sample size $N = \tilde{O}( d /\epsilon)$ and an algorithm that, given an ${\epsilon}

Figures (1)

  • Figure 1: Summary comparison of the data contamination and distributional shift assumptions.

Theorems & Definitions (36)

  • Definition 1.1: Strong Contamination Model
  • Theorem 1.2: Main Theorem--Informal; see \ref{['cor:population-error']}
  • Definition 2.1: Proximable function
  • Definition 2.2: Convex Conjugate
  • Definition 2.3: Lipschitz Modulus
  • Definition 2.5: Stability (informal)
  • Example 3.2: Mean Estimation and OR-WDRO for Training Data Contamination
  • proof
  • Lemma 3.3: Limit Behavior of OR-WDRO Formulation
  • proof
  • ...and 26 more