Data Poisoning Attacks on Regression Learning and Corresponding Defenses

09/15/2020
by   Nicolas Michael Müller, et al.

Adversarial data poisoning is an effective attack against machine learning that threatens model integrity by introducing poisoned samples into the training dataset. So far, it has been studied mostly for classification, even though regression learning is used in many mission-critical systems (such as dosing of medication, control of cyber-physical systems and managing power supply). Therefore, in the present research, we aim to evaluate all aspects of data poisoning attacks on regression learning, exceeding previous work both in breadth and in depth. We present realistic scenarios in which data poisoning attacks threaten production systems and introduce a novel black-box attack, which is then applied to a real-world medical use case. As a result, we observe that the mean squared error (MSE) of the regressor increases to 150 percent of its value on clean data when only two percent of the training samples are poisoned. Finally, we present a new defense strategy against the novel and previous attacks and evaluate it thoroughly on 26 datasets. From the conducted experiments we conclude that the proposed defense strategy effectively mitigates the considered attacks.
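The scenario the abstract describes, as an added example that is not the paper's attack or defense: a one-feature least-squares regressor trained on constructed data, a simplified black-box attacker that can only query the deployed model's predictions and inserts two percent poison points at the high-leverage edge of the feature range, and an iteratively trimmed least-squares defense that assumes an upper bound on the poison fraction. The synthetic data generator, the 20-unit label offset used by the attacker and the trimming procedure are assumptions for illustration.

```python
"""Data poisoning against a 1-D least-squares regressor, plus a trimming defense.

Illustrative example only; neither the attack nor the defense is the paper's.
Attack: black-box heuristic (attacker only queries predictions).
Defense: iteratively trimmed least squares, assuming a known bound on the
poison fraction.
"""
import random

# Constructed ground truth: y = 3x + 2 + N(0, 0.5^2), x uniform on [0, 10]
TRUE_SLOPE, TRUE_INTERCEPT, NOISE_SD = 3.0, 2.0, 0.5
X_MIN, X_MAX = 0.0, 10.0
POISON_FRACTION = 0.02   # two percent of the training set, as in the abstract
LABEL_OFFSET = 20.0      # assumed: how far the attacker shifts poison labels


def make_dataset(n, seed):
    """Constructed synthetic data; deterministic for a given seed."""
    rng = random.Random(seed)
    xs = [X_MIN + (X_MAX - X_MIN) * i / (n - 1) for i in range(n)]
    ys = [TRUE_SLOPE * x + TRUE_INTERCEPT + rng.gauss(0.0, NOISE_SD) for x in xs]
    return list(zip(xs, ys))


def fit_ols(points):
    """Closed-form ordinary least squares for one feature: (slope, intercept)."""
    n = len(points)
    mx = sum(x for x, _ in points) / n
    my = sum(y for _, y in points) / n
    sxx = sum((x - mx) ** 2 for x, _ in points)
    sxy = sum((x - mx) * (y - my) for x, y in points)
    slope = sxy / sxx
    return slope, my - slope * mx


def predict(model, x):
    slope, intercept = model
    return slope * x + intercept


def mse(model, points):
    return sum((predict(model, x) - y) ** 2 for x, y in points) / len(points)


def blackbox_poison(query, n_poison):
    """Black-box attacker: `query(x)` is the only access to the deployed model.

    Poison goes to the upper boundary of the feature range (for uniform data
    either end has maximal leverage), with labels pushed LABEL_OFFSET above the
    model's own prediction there, so the points look like plausible data to a
    bounds check but drag the fitted line.
    """
    x_star = X_MAX
    y_star = query(x_star) + LABEL_OFFSET
    return [(x_star, y_star)] * n_poison


def trimmed_ols(points, poison_fraction, max_iter=20):
    """Iteratively trimmed least squares.

    Fit, rank points by absolute residual, keep the (1 - poison_fraction) share
    with the smallest residuals, refit, and repeat until the kept set is stable.
    Assumes poison_fraction is an upper bound on the poisoned share.
    """
    n_keep = int(round(len(points) * (1 - poison_fraction)))
    kept = list(range(len(points)))
    for _ in range(max_iter):
        model = fit_ols([points[i] for i in kept])
        by_resid = sorted(range(len(points)),
                          key=lambda i: abs(predict(model, points[i][0]) - points[i][1]))
        new_kept = sorted(by_resid[:n_keep])
        if new_kept == kept:
            break
        kept = new_kept
    return fit_ols([points[i] for i in kept])


def run_experiment():
    """Returns test-set MSE for the clean, poisoned and defended regressors."""
    train = make_dataset(200, seed=1)
    test = make_dataset(500, seed=2)          # clean held-out data
    clean_model = fit_ols(train)
    n_poison = int(round(len(train) * POISON_FRACTION))   # 4 points
    poison = blackbox_poison(lambda x: predict(clean_model, x), n_poison)
    poisoned_model = fit_ols(train + poison)
    defended_model = trimmed_ols(train + poison, POISON_FRACTION)
    return {
        "clean": mse(clean_model, test),
        "poisoned": mse(poisoned_model, test),
        "defended": mse(defended_model, test),
    }


if __name__ == "__main__":
    for name, value in run_experiment().items():
        print(f"{name:>9}: MSE = {value:.3f}")
```

With these settings the four poison points raise the held-out MSE to several times its clean value, and the trimmed refit discards exactly the four high-residual points, so the defended model coincides with the clean one. The defense depends on the assumed bound on the poison fraction: if the attacker exceeds it, or spreads poison so that its residuals blend in with the noise, trimming keeps some of it.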
