English
Related papers

Related papers: Curie: A method for protecting SVM Classifier from…

200 papers

Speaker verification has been widely and successfully adopted in many mission-critical areas for user identification. The training of speaker verification requires a large amount of data, therefore users usually need to adopt third-party…

Cryptography and Security · Computer Science 2021-02-04 Tongqing Zhai , Yiming Li , Ziqi Zhang , Baoyuan Wu , Yong Jiang , Shu-Tao Xia

Data Poisoning (DP) is an effective attack that causes trained classifiers to misclassify their inputs. DP attacks significantly degrade a classifier's accuracy by covertly injecting attack samples into the training set. Broadly applicable…

Machine Learning · Computer Science 2022-05-13 Xi Li , David J. Miller , Zhen Xiang , George Kesidis

Recent studies have shown that deep learning models are very vulnerable to poisoning attacks. Many defense methods have been proposed to address this issue. However, traditional poisoning attacks are not as threatening as commonly believed.…

Machine Learning · Computer Science 2025-12-12 Yuhao He , Jinyu Tian , Xianwei Zheng , Li Dong , Yuanman Li , Jiantao Zhou

Training pipelines for machine learning (ML) based malware classification often rely on crowdsourced threat feeds, exposing a natural attack injection point. In this paper, we study the susceptibility of feature-based ML malware classifiers…

Cryptography and Security · Computer Science 2021-01-12 Giorgio Severi , Jim Meyer , Scott Coull , Alina Oprea

Adversarial attacks such as poisoning attacks have attracted the attention of many machine learning researchers. Traditionally, poisoning attacks attempt to inject adversarial training data in order to manipulate the trained model. In…

Machine Learning · Computer Science 2025-03-26 Ali Raza , Shujun Li , Kim-Phuc Tran , Ludovic Koehl , Kim Duc Tran

Two widely used techniques for training supervised machine learning models on small datasets are Active Learning and Transfer Learning. The former helps to optimally use a limited budget to label new data. The latter uses large pre-trained…

Machine Learning · Computer Science 2021-01-28 Nicolas M. Müller , Konstantin Böttinger

Poisoning attacks on machine learning systems compromise the model performance by deliberately injecting malicious samples in the training dataset to influence the training process. Prior works focus on either availability attacks (i.e.,…

Machine Learning · Computer Science 2021-10-13 Bingyin Zhao , Yingjie Lao

In a poisoning attack, an adversary with control over a small fraction of the training data attempts to select that data in a way that induces a corrupted model that misbehaves in favor of the adversary. We consider poisoning attacks…

Machine Learning · Computer Science 2021-04-22 Fnu Suya , Saeed Mahloujifar , Anshuman Suri , David Evans , Yuan Tian

Data poisoning is an attack on machine learning models wherein the attacker adds examples to the training set to manipulate the behavior of the model at test time. This paper explores poisoning attacks on neural nets. The proposed attacks…

Machine Learning · Computer Science 2018-11-13 Ali Shafahi , W. Ronny Huang , Mahyar Najibi , Octavian Suciu , Christoph Studer , Tudor Dumitras , Tom Goldstein

Data poisoning attacks -- where an adversary can modify a small fraction of training data, with the goal of forcing the trained classifier to high loss -- are an important threat for machine learning in many applications. While a body of…

Machine Learning · Computer Science 2020-02-21 Yizhen Wang , Somesh Jha , Kamalika Chaudhuri

As machine learning becomes widely used for automated decisions, attackers have strong incentives to manipulate the results and models generated by machine learning algorithms. In this paper, we perform the first systematic study of…

Cryptography and Security · Computer Science 2021-09-29 Matthew Jagielski , Alina Oprea , Battista Biggio , Chang Liu , Cristina Nita-Rotaru , Bo Li

Semi-supervised machine learning models learn from a (small) set of labeled training examples, and a (large) set of unlabeled training examples. State-of-the-art models can reach within a few percentage points of fully-supervised training,…

Machine Learning · Computer Science 2021-08-11 Nicholas Carlini

We introduce a new class of attacks on machine learning models. We show that an adversary who can poison a training dataset can cause models trained on this dataset to leak significant private details of training points belonging to other…

Cryptography and Security · Computer Science 2022-10-07 Florian Tramèr , Reza Shokri , Ayrton San Joaquin , Hoang Le , Matthew Jagielski , Sanghyun Hong , Nicholas Carlini

A number of online services nowadays rely upon machine learning to extract valuable information from data collected in the wild. This exposes learning algorithms to the threat of data poisoning, i.e., a coordinate attack in which a fraction…

Recommendation and collaborative filtering systems are important in modern information and e-commerce applications. As these systems are becoming increasingly popular in the industry, their outputs could affect business decision making,…

Machine Learning · Computer Science 2016-10-07 Bo Li , Yining Wang , Aarti Singh , Yevgeniy Vorobeychik

As in-the-wild data are increasingly involved in the training stage, machine learning applications become more susceptible to data poisoning attacks. Such attacks typically lead to test-time accuracy degradation or controlled misprediction.…

Cryptography and Security · Computer Science 2022-11-02 Yufei Chen , Chao Shen , Yun Shen , Cong Wang , Yang Zhang

Data poisoning is one of the most relevant security threats against machine learning and data-driven technologies. Since many applications rely on untrusted training data, an attacker can easily craft malicious samples and inject them into…

Cryptography and Security · Computer Science 2021-12-01 Nicolas M. Müller , Simon Roschmann , Konstantin Böttinger

In this work, we investigate the concept of biometric backdoors: a template poisoning attack on biometric systems that allows adversaries to stealthily and effortlessly impersonate users in the long-term by exploiting the template update…

Cryptography and Security · Computer Science 2020-11-06 Giulio Lovisotto , Simon Eberz , Ivan Martinovic

Machine learning models have been widely adopted in several fields. However, most recent studies have shown several vulnerabilities from attacks with a potential to jeopardize the integrity of the model, presenting a new window of research…

Cryptography and Security · Computer Science 2022-02-23 Miguel A. Ramirez , Song-Kyoo Kim , Hussam Al Hamadi , Ernesto Damiani , Young-Ji Byon , Tae-Yeon Kim , Chung-Suk Cho , Chan Yeob Yeun

Despite remarkable improvements, automatic speech recognition is susceptible to adversarial perturbations. Compared to standard machine learning architectures, these attacks are significantly more challenging, especially since the inputs to…