English
Related papers

Related papers: Property Inference From Poisoning

200 papers

Data poisoning is a training-time attack that undermines the trustworthiness of learned models. In a targeted data poisoning attack, an adversary manipulates the training dataset to alter the classification of a targeted test point. Given…

Machine Learning · Computer Science 2025-11-18 Nakshatra Gupta , Sumanth Prabhu , Supratik Chakraborty , R Venkatesh

While machine learning (ML) has made tremendous progress during the past decade, recent research has shown that ML models are vulnerable to various security and privacy attacks. So far, most of the attacks in this field focus on…

Cryptography and Security · Computer Science 2021-11-16 Junhao Zhou , Yufei Chen , Chao Shen , Yang Zhang

Both fair machine learning and adversarial learning have been extensively studied. However, attacking fair machine learning models has received less attention. In this paper, we present a framework that seeks to effectively generate…

Machine Learning · Computer Science 2021-10-19 Minh-Hao Van , Wei Du , Xintao Wu , Aidong Lu

Membership inference attacks aim to infer whether a data record has been used to train a target model by observing its predictions. In sensitive domains such as healthcare, this can constitute a severe privacy violation. In this work we…

Cryptography and Security · Computer Science 2022-12-05 Tomas Chobola , Dmitrii Usynin , Georgios Kaissis

In this paper, we study PAC learnability and certification of predictions under instance-targeted poisoning attacks, where the adversary who knows the test instance may change a fraction of the training set with the goal of fooling the…

Machine Learning · Computer Science 2021-08-10 Ji Gao , Amin Karbasi , Mohammad Mahmoody

When an adversary provides poison samples to a machine learning model, privacy leakage, such as membership inference attacks that infer whether a sample was included in the training of the model, becomes effective by moving the sample to an…

Cryptography and Security · Computer Science 2023-03-23 Yumeki Goto , Nami Ashizawa , Toshiki Shibahara , Naoto Yanai

Indiscriminate data poisoning attacks aim to decrease a model's test accuracy by injecting a small amount of corrupted training data. Despite significant interest, existing attacks remain relatively ineffective against modern machine…

Machine Learning · Computer Science 2023-06-07 Yiwei Lu , Gautam Kamath , Yaoliang Yu

Data poisoning attacks -- where an adversary can modify a small fraction of training data, with the goal of forcing the trained classifier to high loss -- are an important threat for machine learning in many applications. While a body of…

Machine Learning · Computer Science 2020-02-21 Yizhen Wang , Somesh Jha , Kamalika Chaudhuri

How much does a machine learning algorithm leak about its training data, and why? Membership inference attacks are used as an auditing tool to quantify this leakage. In this paper, we present a comprehensive \textit{hypothesis testing…

Machine Learning · Computer Science 2022-09-14 Jiayuan Ye , Aadyaa Maddi , Sasi Kumar Murakonda , Vincent Bindschaedler , Reza Shokri

Machine learning has become an important component for many systems and applications including computer vision, spam filtering, malware and network intrusion detection, among others. Despite the capabilities of machine learning algorithms…

Machine Learning · Statistics 2018-02-14 Andrea Paudice , Luis Muñoz-González , Andras Gyorgy , Emil C. Lupu

We quantitatively investigate how machine learning models leak information about the individual data records on which they were trained. We focus on the basic membership inference attack: given a data record and black-box access to a model,…

Cryptography and Security · Computer Science 2017-04-04 Reza Shokri , Marco Stronati , Congzheng Song , Vitaly Shmatikov

Data poisoning is a type of adversarial attack on training data where an attacker manipulates a fraction of data to degrade the performance of machine learning model. Therefore, applications that rely on external data-sources for training…

Machine Learning · Computer Science 2021-04-28 Sanjay Seetharaman , Shubham Malaviya , Rosni KV , Manish Shukla , Sachin Lodha

The success of machine learning is fueled by the increasing availability of computing power and large training datasets. The training data is used to learn new models or update existing ones, assuming that it is sufficiently representative…

Data poisoning causes misclassification of test time target examples by injecting maliciously crafted samples in the training data. Existing defenses are often effective only against a specific type of targeted attack, significantly degrade…

Machine Learning · Computer Science 2022-10-19 Yu Yang , Tian Yu Liu , Baharan Mirzasoleiman

Machine learning models have achieved great success in supervised learning tasks for end-to-end training, which requires a large amount of labeled data that is not always feasible. Recently, many practitioners have shifted to…

Machine Learning · Computer Science 2024-02-21 Yiwei Lu , Matthew Y. R. Yang , Gautam Kamath , Yaoliang Yu

Deep learning models have consistently outperformed traditional machine learning models in various classification tasks, including image classification. As such, they have become increasingly prevalent in many real world applications…

Cryptography and Security · Computer Science 2018-08-31 Cong Liao , Haoti Zhong , Anna Squicciarini , Sencun Zhu , David Miller

Machine learning models have been shown to leak information violating the privacy of their training set. We focus on membership inference attacks on machine learning models which aim to determine whether a data point was used to train the…

Cryptography and Security · Computer Science 2020-09-02 Shadi Rahimian , Tribhuvanesh Orekondy , Mario Fritz

As in-the-wild data are increasingly involved in the training stage, machine learning applications become more susceptible to data poisoning attacks. Such attacks typically lead to test-time accuracy degradation or controlled misprediction.…

Cryptography and Security · Computer Science 2022-11-02 Yufei Chen , Chao Shen , Yun Shen , Cong Wang , Yang Zhang

Deep image classification models trained on vast amounts of web-scraped data are susceptible to data poisoning - a mechanism for backdooring models. A small number of poisoned samples seen during training can severely undermine a model's…

Cryptography and Security · Computer Science 2023-06-30 Nils Lukas , Florian Kerschbaum

Federated learning distributes model training among a multitude of agents, who, guided by privacy concerns, perform training using their local data but share only model parameter updates, for iterative aggregation at the server. In this…

Machine Learning · Computer Science 2019-11-26 Arjun Nitin Bhagoji , Supriyo Chakraborty , Prateek Mittal , Seraphin Calo