Label Sanitization Against Label Flipping Poisoning Attacks


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2019-02-16

AUTHORS

Andrea Paudice, Luis Muñoz-González, Emil C. Lupu

ABSTRACT

Many machine learning systems rely on data collected in the wild from untrusted sources, exposing the learning algorithms to data poisoning. Attackers can inject malicious data in the training dataset to subvert the learning process, compromising the performance of the algorithm producing errors in a targeted or an indiscriminate way. Label flipping attacks are a special case of data poisoning, where the attacker can control the labels assigned to a fraction of the training points. Even if the capabilities of the attacker are constrained, these attacks have been shown to be effective to significantly degrade the performance of the system. In this paper we propose an efficient algorithm to perform optimal label flipping poisoning attacks and a mechanism to detect and relabel suspicious data points, mitigating the effect of such poisoning attacks.

PAGES

5-15

Book

TITLE

ECML PKDD 2018 Workshops

ISBN

978-3-030-13452-5
978-3-030-13453-2

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-030-13453-2_1

DOI

http://dx.doi.org/10.1007/978-3-030-13453-2_1

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1112157786



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Department of Computing, Imperial College London, London, UK", 
          "id": "http://www.grid.ac/institutes/grid.7445.2", 
          "name": [
            "Department of Computing, Imperial College London, London, UK"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Paudice", 
        "givenName": "Andrea", 
        "id": "sg:person.013436520653.34", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013436520653.34"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computing, Imperial College London, London, UK", 
          "id": "http://www.grid.ac/institutes/grid.7445.2", 
          "name": [
            "Department of Computing, Imperial College London, London, UK"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Mu\u00f1oz-Gonz\u00e1lez", 
        "givenName": "Luis", 
        "id": "sg:person.011755172717.81", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011755172717.81"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computing, Imperial College London, London, UK", 
          "id": "http://www.grid.ac/institutes/grid.7445.2", 
          "name": [
            "Department of Computing, Imperial College London, London, UK"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Lupu", 
        "givenName": "Emil C.", 
        "id": "sg:person.013404167044.28", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013404167044.28"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2019-02-16", 
    "datePublishedReg": "2019-02-16", 
    "description": "Many machine learning systems rely on data collected in the wild from untrusted sources, exposing the learning algorithms to data poisoning. Attackers can inject malicious data in the training dataset to subvert the learning process, compromising the performance of the algorithm producing errors in a targeted or an indiscriminate way. Label flipping attacks are a special case of data poisoning, where the attacker can control the labels assigned to a fraction of the training points. Even if the capabilities of the attacker are constrained, these attacks have been shown to be effective to significantly degrade the performance of the system. In this paper we propose an efficient algorithm to perform optimal label flipping poisoning attacks and a mechanism to detect and relabel suspicious data points, mitigating the effect of such poisoning attacks.", 
    "editor": [
      {
        "familyName": "Alzate", 
        "givenName": "Carlos", 
        "type": "Person"
      }, 
      {
        "familyName": "Monreale", 
        "givenName": "Anna", 
        "type": "Person"
      }, 
      {
        "familyName": "Assem", 
        "givenName": "Haytham", 
        "type": "Person"
      }, 
      {
        "familyName": "Bifet", 
        "givenName": "Albert", 
        "type": "Person"
      }, 
      {
        "familyName": "Buda", 
        "givenName": "Teodora Sandra", 
        "type": "Person"
      }, 
      {
        "familyName": "Caglayan", 
        "givenName": "Bora", 
        "type": "Person"
      }, 
      {
        "familyName": "Drury", 
        "givenName": "Brett", 
        "type": "Person"
      }, 
      {
        "familyName": "Garc\u00eda-Mart\u00edn", 
        "givenName": "Eva", 
        "type": "Person"
      }, 
      {
        "familyName": "Gavald\u00e0", 
        "givenName": "Ricard", 
        "type": "Person"
      }, 
      {
        "familyName": "Koprinska", 
        "givenName": "Irena", 
        "type": "Person"
      }, 
      {
        "familyName": "Kramer", 
        "givenName": "Stefan", 
        "type": "Person"
      }, 
      {
        "familyName": "Lavesson", 
        "givenName": "Niklas", 
        "type": "Person"
      }, 
      {
        "familyName": "Madden", 
        "givenName": "Michael", 
        "type": "Person"
      }, 
      {
        "familyName": "Molloy", 
        "givenName": "Ian", 
        "type": "Person"
      }, 
      {
        "familyName": "Nicolae", 
        "givenName": "Maria-Irina", 
        "type": "Person"
      }, 
      {
        "familyName": "Sinn", 
        "givenName": "Mathieu", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-13453-2_1", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-030-13452-5", 
        "978-3-030-13453-2"
      ], 
      "name": "ECML PKDD 2018 Workshops", 
      "type": "Book"
    }, 
    "keywords": [
      "poisoning attacks", 
      "data poisoning", 
      "such poisoning attacks", 
      "label flipping attack", 
      "suspicious data points", 
      "malicious data", 
      "untrusted sources", 
      "training dataset", 
      "efficient algorithm", 
      "attacker", 
      "optimal labels", 
      "training points", 
      "algorithm", 
      "attacks", 
      "learning process", 
      "data points", 
      "indiscriminate way", 
      "labels", 
      "machine", 
      "dataset", 
      "performance", 
      "system", 
      "sanitization", 
      "special case", 
      "capability", 
      "data", 
      "error", 
      "point", 
      "way", 
      "wild", 
      "process", 
      "source", 
      "cases", 
      "mechanism", 
      "effect", 
      "fraction", 
      "poisoning", 
      "paper"
    ], 
    "name": "Label Sanitization Against Label Flipping Poisoning Attacks", 
    "pagination": "5-15", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1112157786"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-13453-2_1"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-13453-2_1", 
      "https://app.dimensions.ai/details/publication/pub.1112157786"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-09-02T16:10", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220902/entities/gbq_results/chapter/chapter_105.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-13453-2_1"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-13453-2_1'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-13453-2_1'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-13453-2_1'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-13453-2_1'


 

This table displays all metadata directly associated to this object as RDF triples.

186 TRIPLES      22 PREDICATES      62 URIs      55 LITERALS      7 BLANK NODES

 



