Adversarial Attacks for Drift Detection
This work addresses the challenge of robust drift detection for system monitoring, which is crucial for preventing malfunctions and failures, but it is incremental as it builds on existing detection schemes.
The paper tackled the problem of concept drift detection by exposing vulnerabilities in common detection schemes, showing how to construct data streams that drift without detection, referred to as drift adversarials, and provided theoretical and empirical validation of these findings.
Concept drift refers to the change of data distributions over time. While drift poses a challenge for learning models, requiring their continual adaption, it is also relevant in system monitoring to detect malfunctions, system failures, and unexpected behavior. In the latter case, the robust and reliable detection of drifts is imperative. This work studies the shortcomings of commonly used drift detection schemes. We show how to construct data streams that are drifting without being detected. We refer to those as drift adversarials. In particular, we compute all possible adversairals for common detection schemes and underpin our theoretical findings with empirical evaluations.