Accumulative Poisoning Attacks on Real-time Data
Dec 6, 2021
Speakers
Tianyu Pang
Speaker · 0 followers
Yinpeng Dong
Speaker · 0 followers
About
Collecting training data from untrusted sources exposes machine learning services to poisoning adversaries, who maliciously manipulate training data to degrade the model accuracy. When trained on offline datasets, poisoning adversaries have to inject the poisoned data in advance before training, and the order of feeding these poisoned batches into the model is stochastic. In contrast, practical systems are more usually trained/fine-tuned on sequentially captured real-time data, in which case poisoning adversaries could dynamically poison each data batch according to the current model state. In this paper, we focus on the real-time settings and propose a new attacking strategy, which affiliates an accumulative phase with poisoning attacks to secretly (i.e., without affecting accuracy) magnify the destructive effect of a (poisoned) trigger batch. By mimicking online learning and federated learning on CIFAR-10, we show that the model accuracy will significantly drop by a single update step on the trigger batch after the accumulative phase. Our work validates that a well-designed but straightforward attacking strategy can dramatically amplify the poisoning effects, with no need to explore complex techniques.Collecting training data from untrusted sources exposes machine learning services to poisoning adversaries, who maliciously manipulate training data to degrade the model accuracy. When trained on offline datasets, poisoning adversaries have to inject the poisoned data in advance before training, and the order of feeding these poisoned batches into the model is stochastic. In contrast, practical systems are more usually trained/fine-tuned on sequentially captured real-time data, in which case poi…
Organizer
NeurIPS 2021
Account · 1.9k followers
About NeurIPS 2021
Neural Information Processing Systems (NeurIPS) is a multi-track machine learning and computational neuroscience conference that includes invited talks, demonstrations, symposia and oral and poster presentations of refereed papers. Following the conference, there are workshops which provide a less formal setting.
Like the format? Trust SlidesLive to capture your next event!
Professional recording and live streaming, delivered globally.
Sharing
Recommended Videos
Presentations on similar topic, category or speaker
CAPE: Encoding Relative Positions with Continuous Augmented Positional Embeddings
Watch later
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Queer in AI Workshop 1
Watch later
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Adversarial Regression with Doubly Non-negative Weighting Matrices
Watch later
Tam Le, …
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Backdoor Attack with Imperceptible Input and Latent Modification
Watch later
Khoa D. Doan, …
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Towards Essential and Simple Ethical Guidelines for AI
Watch later
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Optimality and Stability in Federated Learning: A Game-theoretic Approach
Watch later
Kate Donahue, …
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%