Defending against Poisoning Attacks in Online Learning Settings
Author(s)
Collinge, Greg
Lupu, Emil
Munoz Gonzalez, Luis
Type
Conference Paper
Abstract
Machine learning systems are vulnerable to data poisoning, a
coordinated attack where a fraction of the training dataset is manipulated
by an attacker to subvert learning. In this paper we first formulate an optimal attack strategy against online learning classifiers to assess worst-case
scenarios. We also propose two defence mechanisms to mitigate the effect
of online poisoning attacks by analysing the impact of the data points in
the classifier and by means of an adaptive combination of machine learning classifiers with different learning rates. Our experimental evaluation
supports the usefulness of our proposed defences to mitigate the effect of
poisoning attacks in online learning settings.
Date Issued
2019-03-28
Date Acceptance
2019-01-24
Citation
Proceedings of the 27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning, 2019
ISBN
9782875870650
Publisher
ESANN
Journal / Book Title
Proceedings of the 27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning
Copyright Statement
© 2019 ESANN. All rights reserved.
Source
European Symposium on Artificial Neural Networks
Publication Status
Published
Start Date
2019-04-24
Finish Date
2019-04-26
Coverage Spatial
Bruges, Belgium