Adversarially Robust Streaming via Dense-Sparse Trade-offs

@inproceedings{BenEliezer2022AdversariallyRS,
  title={Adversarially Robust Streaming via Dense-Sparse Trade-offs},
  author={Omri Ben-Eliezer and Talya Eden and Krzysztof Onak},
  booktitle={SOSA},
  year={2022}
}
A streaming algorithm is adversarially robust if it is guaranteed to perform correctly even in the presence of an adaptive adversary. The development and analysis of such algorithms have been a very active topic recently, and several sophisticated frameworks for robustification of classical streaming algorithms have been developed. One of the main open questions in this area is whether efficient adversarially robust algorithms exist for moment estimation problems (e.g., F2-estimation) under the… 

Tables from this paper

A Framework for Adversarially Robust Streaming Algorithms

TLDR
This work develops several generic tools allowing one to efficiently transform a non-robust streaming algorithm into a robust one in various scenarios, and develops adversarially robust (1+ε)-approximation algorithms whose required space matches that of the best known non-Robust algorithms.

Adversarially Robust Coloring for Graph Streams

TLDR
It is proved that an adversarially robust algorithm running under a similar space bound must spend almost Ω(∆2) colors and that robust O( ∆)-coloring requires a linear amount of space, namelyΩ(n∆), the first significant separation between randomized and deterministic coloring algorithms for graph streams.

On the Robustness of CountSketch to Adaptive Inputs

TLDR
A robust estimator is proposed (for a slightly modified sketch) that al-lows for quadratic number of queries in the sketch size, which is an improvement factor of √ k (for k heavy hitters) over prior "blackbox" approaches.

The White-Box Adversarial Data Stream Model

TLDR
This work gives a randomized algorithm for the L1-heavy hitters problem that outperforms the optimal deterministic Misra-Gries algorithm on long streams and gives a general technique that translates any two-player deterministic communication lower bound to a lower bound for randomized algorithms robust to a white-box adversary.

Adversarially Robust Streaming Algorithms via Differential Privacy

TLDR
A connection is established between adversarial robustness of streaming algorithms and the notion of differential privacy that allows for new adversarially robust streaming algorithms that outperform the current state-of-the-art constructions for many interesting regimes of parameters.

Dynamic algorithms against an adaptive adversary: generic constructions and lower bounds

TLDR
A general reduction is given transforming a dynamic algorithm against an oblivious adversary to a dynamic algorithms robust against an adaptive adversary, which maintains several copies of the oblivious algorithm and uses differential privacy to protect their random bits.

Faster maxflow via improved dynamic spectral vertex sparsifiers

TLDR
This work combines a procedure for turning algorithms for estimating a sequence of vectors under updates from an oblivious adversary to one that tolerates adaptive adversaries via the Gaussian-mechanism from differential privacy, and an algorithm that on graphs with m edges computes a mincost flow with edge costs and capacities in time O(m3/2−1/58 log2 U).

A Framework for Adversarially Robust Streaming Algorithms

TLDR
This work shows that the answer is positive for various important streaming problems in the insertion-only model, including distinct elements and more generally $F_p$-estimation, Fp-heavy hitters, entropy estimation, and others.

References

SHOWING 1-10 OF 27 REFERENCES

A Framework for Adversarial Streaming via Differential Privacy and Difference Estimators

TLDR
A new framework for robust streaming is proposed that combines techniques from two recently suggested frameworks by Hassidim et al. and Woodru and Zhou into a single hybrid framework that obtains the “best of both worlds”, thereby solving a question left open by Woodruff and Zhou.

Adversarial Robustness of Streaming Algorithms through Importance Sampling

TLDR
This paper introduces adversarially robust streaming algorithms for central machine learning and algorithmic tasks, such as regression and clustering, as well as their more general counterparts, subspace embedding, low-rank approximation, and coreset construction, and shows that the well-known merge and reduce paradigm used for corset construction in streaming is adversARially robust.

Adversarially Robust Streaming Algorithms via Differential Privacy

TLDR
A connection is established between adversarial robustness of streaming algorithms and the notion of differential privacy that allows for new adversarially robust streaming algorithms that outperform the current state-of-the-art constructions for many interesting regimes of parameters.

The Adversarial Robustness of Sampling

TLDR
This work investigates the robustness of sampling against adaptive adversarial attacks in a streaming setting and demonstrates a set system where a constant sample size suffices in the static setting, yet an adaptive adversary can make the sample very unrepresentative, as long as the sample size is (strongly) sublinear in the stream length.

Bounded Space Differentially Private Quantiles

TLDR
This work devise a differentially private algorithm for the quantile estimation problem, with strongly sublinear space complexity, in the one-shot and continual observation settings, and presents another algorithm based on histograms that is especially suited to the multiple quantiles case.

Adversarial laws of large numbers and optimal regret in online classification

TLDR
The sequential sampling model proposed by Ben-Eliezer and Yogev (2020) is considered, and the classes which admit a uniform law of large numbers in this model are characterized: these are exactly the classes that are online learnable.

How robust are linear sketches to adaptive inputs?

TLDR
It is shown that no linear sketch approximates the Euclidean norm of its input to within an arbitrary multiplicative approximation factor on a polynomial number of adaptively chosen inputs.

Calibrating Noise to Sensitivity in Private Data Analysis

TLDR
The study is extended to general functions f, proving that privacy can be preserved by calibrating the standard deviation of the noise according to the sensitivity of the function f, which is the amount that any single argument to f can change its output.

An optimal algorithm for the distinct elements problem

TLDR
The first optimal algorithm for estimating the number of distinct elements in a data stream is given, closing a long line of theoretical research on this problem, and has optimal O(1) update and reporting times.

Mechanism Design via Differential Privacy

TLDR
It is shown that the recent notion of differential privacv, in addition to its own intrinsic virtue, can ensure that participants have limited effect on the outcome of the mechanism, and as a consequence have limited incentive to lie.