Pith. sign in

REVIEW 3 cited by

Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning

Not yet reviewed by Pith; the record is open.

This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.

SPECIMEN: schema-true, not a live event

T0 review · schema-true

One-sentence machine reading of the paper's core claim.

pith:XXXXXXXX · record.json · timestamp

arxiv 1804.00308 v3 pith:5BZJTRWK submitted 2018-04-01 cs.CR cs.GTcs.LG

Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning

classification cs.CR cs.GTcs.LG
keywords attackspoisoninglearningmachinemodelsregressionattackerscountermeasures
verification ladder T0 review T1 audit T2 compute T3 formal T4 reserved
0 comments
read the original abstract

As machine learning becomes widely used for automated decisions, attackers have strong incentives to manipulate the results and models generated by machine learning algorithms. In this paper, we perform the first systematic study of poisoning attacks and their countermeasures for linear regression models. In poisoning attacks, attackers deliberately influence the training data to manipulate the results of a predictive model. We propose a theoretically-grounded optimization framework specifically designed for linear regression and demonstrate its effectiveness on a range of datasets and models. We also introduce a fast statistical attack that requires limited knowledge of the training process. Finally, we design a new principled defense method that is highly resilient against all poisoning attacks. We provide formal guarantees about its convergence and an upper bound on the effect of poisoning attacks when the defense is deployed. We evaluate extensively our attacks and defenses on three realistic datasets from health care, loan assessment, and real estate domains.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 3 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. RAG-Pull: Turning Retrieval into a Code-Injection Channel via Invisible Unicode Perturbations

    cs.CR 2025-10 unverdicted novelty 7.0

    RAG-Pull uses minimal invisible UTF perturbations on queries or target code to achieve near-perfect redirection of RAG retrieval to malicious snippets that enable remote code execution and SQL injection.

  2. Structural Adversarial Attacks on Relational Deep Learning under Integrity Constraints

    cs.LG 2026-07 conditional novelty 6.0

    Gradient-guided rewiring of foreign-key edges in relational databases degrades GNN predictions on regression tasks while preserving schema integrity constraints.

  3. Enabling Adversarial Robustness in AI Models through Kubeflow MLOps

    cs.CR 2026-05 unverdicted novelty 3.0

    A Kubeflow-based MLOps architecture detects FGSM adversarial attacks on deployed AI models and automatically applies PGD-based adversarial training to recover accuracy.