Machine learning models have been widely applied to address societal issues and make high-stakes decisions. In many real-world scenarios, they are required to exhibit not only high accuracy but also robustness and security. However, the advent of techniques like adversarial attacks has sparked concerns about the security and robustness of machine learning models. To enhance various facets of machine learning models, including security and robustness, substantial contributions have been made through numerous research efforts. Nevertheless, existing research often lacks an examination from the perspective of spurious causal relationships. Causal relationships denote events leading to other events’ occurrence or existence, whereas spurious causal relationships indicate that one event does not directly impact another event. Malicious actors may exploit spurious causal relationships by meticulously crafting perturbations on model inputs to deceive the model. Thus, spurious causal relationships are intricately linked with the security and robustness of machine learning models. To address these concerns comprehensively, this paper focuses on verifying the existence of spurious causal relationships, elucidating their adverse influence on machine learning models, analyzing the attributes of spurious causal relationships, and presenting methods to mitigate them. The paper primarily undertakes the following two tasks:

1. Using a structural causal graph, analyze the influence of spurious causal relationships on linear regression models, support vector machine regression models, and Bayesian ridge regression models. Firstly, based on small sample datasets Auto MPG and MOP, the presence of spurious causal relationships among features is analyzed through methods focusing on spurious causal relationships. Subsequently, degradation experiments are designed to investigate the impact of spurious causal relationships on model performance and to analyze the reasons behind this impact. Finally, by comparing model performance under different simulation scenarios, the effects of spurious causal relationships on model robustness and security are demonstrated. Experimental results indicate that spurious causal relationships indeed exist among various features of the small sample datasets Auto MPG and MOP. Although removing such features may not directly enhance model performance, it can improve model security and robustness.

2. Based on a potential outcomes framework, analyze the impact of spurious causal relationships on deep learning models such as Bert and Word CNN in text classification tasks. Firstly, adversarial text generation algorithms are employed to generate adversarial texts, verifying the presence of spurious causal relationships in adversarial texts. Furthermore, the impact of text content and structural characteristics on the generation of adversarial texts is analyzed. Subsequently, the performance and robustness changes of models are compared on small-scale original data, large-scale original data, and different adversarial samples after training or fine-tuning, in order to study the effects of spurious causal relationships on model performance and robustness, and to analyze the reasons behind these effects. Then, the distribution of adversarial samples in the model’s feature space is visualized to observe changes in the clustering of adversarial samples and original samples from a geometrical perspective. Finally, the performance and robustness of the Word CNN model are compared with and without an attention layer in classification tasks, elucidating the impact of attention mechanisms on spurious causal relationships. Experimental results demonstrate the existence of spurious causal relationships in adversarial samples and reveal that text features are not the primary factors influencing the generation of adversarial samples. By comparing experimental results of model training and fine-tuning on different datasets, it is evident that spurious causal relationships in adversarial samples can harm model performance, security, and robustness. Moreover, adversarial samples can cause changes in the clustering of features in the model’s feature space. Specifically in text data, spurious causal relationships are mainly caused by polysemy. Finally, the use of attention mechanisms can enhance the security and robustness of models in adversarial samples, though adjustments should be made according to the characteristics of different datasets and tasks.