Abstract
In this paper we introduce the data omission attack, a new type of attack against learning mechanisms. The attack can be seen as a specific type of poisoning attack. However, while poisoning attacks typically corrupt data in various ways, including addition, omission and modification, in order to optimize the attack, we focus on omission only, which is much simpler to implement and analyze. A major advantage of our attack method is its generality. While poisoning attacks are usually optimized for a specific learner and prove ineffective against others, our attack is effective against a variety of learners. We demonstrate this effectiveness via a series of attack experiments against various learning mechanisms. We show that, with a relatively low attack budget, our omission attack succeeds regardless of the target learner.
Original language | English |
---|---|
Title of host publication | Engineering Dependable and Secure Machine Learning Systems - Third International Workshop, EDSMLS 2020, Revised Selected Papers |
Editors | Onn Shehory, Eitan Farchi, Guy Barash |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 23-41 |
Number of pages | 19 |
ISBN (Print) | 9783030621438 |
DOIs | |
State | Published - 2020 |
Event | 3rd International Workshop on Engineering Dependable and Secure Machine Learning Systems, EDSMLS 2020 - New York City, United States. Duration: 7 Feb 2020 → 7 Feb 2020 |
Publication series
Name | Communications in Computer and Information Science |
---|---|
Volume | 1272 |
ISSN (Print) | 1865-0929 |
ISSN (Electronic) | 1865-0937 |
Conference
Conference | 3rd International Workshop on Engineering Dependable and Secure Machine Learning Systems, EDSMLS 2020 |
---|---|
Country/Territory | United States |
City | New York City |
Period | 7/02/20 → 7/02/20 |
Bibliographical note
Publisher Copyright: © 2020, Springer Nature Switzerland AG.
Keywords
- Adversarial ML
- Machine learning