English
Related papers

Related papers: Beyond Full Poisoning: Effective Availability Atta…

200 papers

Machine learning algorithms are vulnerable to poisoning attacks, where a fraction of the training data is manipulated to degrade the algorithms' performance. We show that current approaches, which typically assume that regularization…

Machine Learning · Computer Science 2021-05-25 Javier Carnerero-Cano , Luis Muñoz-González , Phillippa Spencer , Emil C. Lupu

A membership inference attack (MIA) against a machine-learning model enables an attacker to determine whether a given data record was part of the model's training data or not. In this paper, we provide an in-depth study of the phenomenon of…

Machine Learning · Computer Science 2021-09-20 Bogdan Kulynych , Mohammad Yaghini , Giovanni Cherubin , Michael Veale , Carmela Troncoso

Preserving the performance of a trained model while removing unique characteristics of marked training data points is challenging. Recent research usually suggests retraining a model from scratch with remaining training data or refining the…

Machine Learning · Statistics 2022-03-03 Ga Wu , Masoud Hashemi , Christopher Srinivasa

Machine Learning models, extensively used for various multimedia applications, are offered to users as a blackbox service on the Cloud on a pay-per-query basis. Such blackbox models are commercially valuable to adversaries, making them…

Cryptography and Security · Computer Science 2020-02-04 Vasisht Duddu , D. Vijay Rao

Machine unlearning enables the removal of specific data from ML models to uphold the right to be forgotten. While approximate unlearning algorithms offer efficient alternatives to full retraining, this work reveals that they fail to…

Machine Learning · Computer Science 2025-07-29 Yaxin Xiao , Qingqing Ye , Li Hu , Huadi Zheng , Haibo Hu , Zi Liang , Haoyang Li , Yijie Jiao

Most work on sequential learning assumes a fixed set of actions that are available all the time. However, in practice, actions can consist of picking subsets of readings from sensors that may break from time to time, road segments that can…

Machine Learning · Computer Science 2026-04-29 Gergely Neu , Michal Valko

Machine Learning-as-a-Service (MLaaS) has become a widespread paradigm, making even the most complex machine learning models available for clients via e.g. a pay-per-query principle. This allows users to avoid time-consuming processes of…

Machine Learning · Computer Science 2023-06-07 Daryna Oliynyk , Rudolf Mayer , Andreas Rauber

Pre-trained language models (PLMs) have been widely used to underpin various downstream tasks. However, the adversarial attack task has found that PLMs are vulnerable to small perturbations. Mainstream methods adopt a detached two-stage…

Computation and Language · Computer Science 2023-05-30 Xuanjie Fang , Sijie Cheng , Yang Liu , Wei Wang

Machine learning models trained on data from the outside world can be corrupted by data poisoning attacks that inject malicious points into the models' training sets. A common defense against these attacks is data sanitization: first filter…

Machine Learning · Statistics 2021-12-06 Pang Wei Koh , Jacob Steinhardt , Percy Liang

In this paper, a new parameter perturbation attack on DNNs, called adversarial parameter attack, is proposed, in which small perturbations to the parameters of the DNN are made such that the accuracy of the attacked DNN does not decrease…

Machine Learning · Computer Science 2022-03-22 Lijia Yu , Yihan Wang , Xiao-Shan Gao

Decision-based attacks construct adversarial examples against a machine learning (ML) model by making only hard-label queries. These attacks have mainly been applied directly to standalone neural networks. However, in practice, ML models…

Cryptography and Security · Computer Science 2023-07-24 Chawin Sitawarin , Florian Tramèr , Nicholas Carlini

Applying pre-trained models to assist point cloud understanding has recently become a mainstream paradigm in 3D perception. However, existing application strategies are straightforward, utilizing only the final output of the pre-trained…

Computer Vision and Pattern Recognition · Computer Science 2025-05-28 Yaohua Zha , Yanzi Wang , Hang Guo , Jinpeng Wang , Tao Dai , Bin Chen , Zhihao Ouyang , Xue Yuerong , Ke Chen , Shu-Tao Xia

The integration of machine learning (ML) in numerous critical applications introduces a range of privacy concerns for individuals who provide their datasets for model training. One such privacy risk is Membership Inference (MI), in which an…

Machine Learning · Computer Science 2024-01-18 Harsh Chaudhari , Giorgio Severi , Alina Oprea , Jonathan Ullman

Both fair machine learning and adversarial learning have been extensively studied. However, attacking fair machine learning models has received less attention. In this paper, we present a framework that seeks to effectively generate…

Machine Learning · Computer Science 2021-10-19 Minh-Hao Van , Wei Du , Xintao Wu , Aidong Lu

Network-based attacks on control systems may alter sensor data delivered to the controller, effectively causing degradation in control performance. As a result, having access to accurate state estimates, even in the presence of attacks on…

Systems and Control · Electrical Eng. & Systems 2020-05-19 Amir Khazraei , Miroslav Pajic

In multiple domains such as malware detection, automated driving systems, or fraud detection, classification algorithms are susceptible to being attacked by malicious agents willing to perturb the value of instance covariates to pursue…

Machine Learning · Statistics 2025-07-10 Victor Gallego , Roi Naveiro , Alberto Redondo , David Rios Insua , Fabrizio Ruggeri

In recent years, the rise of machine learning (ML) in cybersecurity has brought new challenges, including the increasing threat of backdoor poisoning attacks on ML malware classifiers. For instance, adversaries could inject malicious…

Machine Learning · Computer Science 2026-02-13 Dung Thuy Nguyen , Ngoc N. Tran , Taylor T. Johnson , Kevin Leach

A new mechanism aimed at misleading a power system control center about the source of a data attack is proposed. As a man-in-the-middle state attack, a data framing attack is proposed to exploit the bad data detection and identification…

Cryptography and Security · Computer Science 2014-11-03 Jinsub Kim , Lang Tong , Robert J. Thomas

Sequential Recommenders, which exploit dynamic user intents through interaction sequences, is vulnerable to adversarial attacks. While existing attacks primarily rely on data poisoning, they require large-scale user access or fake profiles…

Machine Learning · Computer Science 2025-12-23 Jiajie Su , Zihan Nan , Yunshan Ma , Xiaobo Xia , Xiaohua Feng , Weiming Liu , Xiang Chen , Xiaolin Zheng , Chaochao Chen

Online experiments %in which experimental units receive a sequence of treatments over time are frequently employed in many technological companies to evaluate the performance of a newly developed policy, product, or treatment relative to a…

Econometrics · Economics 2025-01-14 Ke Sun , Linglong Kong , Hongtu Zhu , Chengchun Shi