REVIEW 3 cited by
Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning
Not yet reviewed by Pith; the record is open.
This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.
SPECIMEN: schema-true, not a live event
T0 review · schema-true
One-sentence machine reading of the paper's core claim.
pith:XXXXXXXX · record.json · timestamp
Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning
read the original abstract
As machine learning becomes widely used for automated decisions, attackers have strong incentives to manipulate the results and models generated by machine learning algorithms. In this paper, we perform the first systematic study of poisoning attacks and their countermeasures for linear regression models. In poisoning attacks, attackers deliberately influence the training data to manipulate the results of a predictive model. We propose a theoretically-grounded optimization framework specifically designed for linear regression and demonstrate its effectiveness on a range of datasets and models. We also introduce a fast statistical attack that requires limited knowledge of the training process. Finally, we design a new principled defense method that is highly resilient against all poisoning attacks. We provide formal guarantees about its convergence and an upper bound on the effect of poisoning attacks when the defense is deployed. We evaluate extensively our attacks and defenses on three realistic datasets from health care, loan assessment, and real estate domains.
Forward citations
Cited by 3 Pith papers
-
RAG-Pull: Turning Retrieval into a Code-Injection Channel via Invisible Unicode Perturbations
RAG-Pull uses minimal invisible UTF perturbations on queries or target code to achieve near-perfect redirection of RAG retrieval to malicious snippets that enable remote code execution and SQL injection.
-
Structural Adversarial Attacks on Relational Deep Learning under Integrity Constraints
Gradient-guided rewiring of foreign-key edges in relational databases degrades GNN predictions on regression tasks while preserving schema integrity constraints.
-
Enabling Adversarial Robustness in AI Models through Kubeflow MLOps
A Kubeflow-based MLOps architecture detects FGSM adversarial attacks on deployed AI models and automatically applies PGD-based adversarial training to recover accuracy.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.