Detection of Adversarial Training Examples in Poisoning Attacks through Anomaly Detection

Created2022-04-22|Updated2023-09-27|papersabstract

|Post Views:

Detection of Adversarial Training Examples in Poisoning Attacks through Anomaly Detection abstract。

解决的问题

数据投毒是针对机器学习系统的安全威胁，攻击者可以在训练数据中注入恶意样本来破坏学习过程。
最近在针对机器学习的攻击方面的工作表明，所谓的最优攻击策略可以成功地给线性分类器投毒，改变一小部分训练数据之后可以显著降低系统性能。

Architecture

arch
在本文中，提出了一个可以降低基于异常值最佳投毒攻击的防御机制。

思路与步骤

从数据集中分离出一部分可信的数据
针对每一类训练一个基于距离的异常值检测器
给定一个数据集，为其中每个样本计算一个异常值q(x)，并基于训练实例分数的经验累积分布函数 Empirical Cumulative distribution Function, ECDF 获得阈值
识别真实数据比例 alpha-percentile

Author: odymit

Link: http://odymit.github.io/2022/04/22/Detection-of-Adversarial-Training-Examples-in-Poisoning-Attacks-through-Anomaly-Detection/

Copyright Notice: All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.

异常值检测

Related Articles

Jangseung: A Guardian for Machine Learning Algorithms to Protect Against Poisoning Attacks

LOF: Identifying Density-Based Local Outliers

NIC: Detecting Adversarial Samples with Neural Network Invariant Checking

数据集异常值检测相关工作调研

Robust Estimators in High Dimensions without the Computational Intractability

Loading the Database