Loading [MathJax]/extensions/MathMenu.js
A Survey on Data Poisoning Attacks and Defenses | IEEE Conference Publication | IEEE Xplore
Subscribe
ADVANCED SEARCH
Conferences >2022 7th IEEE International C...

A Survey on Data Poisoning Attacks and Defenses

PDF
Jiaxin Fan; Qi Yan; Mohan Li; Guanqun Qu; Yang Xiao
All Authors

Abstract:

With the widespread deployment of data-driven services, the demand for data volumes continues to grow. At present, many applications lack reliable human supervision in th...Show More

Metadata

Abstract:

With the widespread deployment of data-driven services, the demand for data volumes continues to grow. At present, many applications lack reliable human supervision in the process of data collection, which makes the collected data contain low-quality data or even malicious data. This low-quality or malicious data make AI systems potentially face much security challenges. One of the main security threats in the training phase of machine learning is data poisoning attacks, which compromise model integrity by contaminating training data to make the resulting model skewed or unusable. This paper reviews the relevant researches on data poisoning attacks in various task environments: first, the classification of attacks is summarized, then the defense methods of data poisoning attacks are sorted out, and finally, the possible research directions in the prospect.
Published in: 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC)
Date of Conference: 11-13 July 2022
Date Added to IEEE Xplore: 29 September 2022
ISBN Information:
DOI: 10.1109/DSC55868.2022.00014
Conference Location: Guilin, China

Funding Agency:

Contents

I. Introduction

Currently, machine learning algorithms are widely used in various industries [1] –[3]. At the same time, their security has also received widespread attention from researchers. It has been shown that machine learning is potentially vulnerable to malicious attacks in both the training and inference phases, which may render the model unusable or skewed according to the attacker’s intent, with the main threat in the training phase being data poisoning attacks and the main threat in the inference phase being evasion attack. Training phase, but also a few attacks in the inference phase, so some of the backdoor attacks belong to a special kind of data poisoning attack. Data poisoning attacks can be broadly classified into two categories: availability attack and targeted attack, as shown in Fig 1. An availability attack aims to corrupt the model classifier as much as possible; a targeted attack aims to have an impact on specific data points and manipulate specific output results. In addition, two special attacks, clean-label attack [4] and label-flipping attack [5], have been studied according to the control over the training data labels.

Contact IEEE to Subscribe
More Like This
An Efficient Training Data Collection Method for Machine Learning-Based Frequency Selective Surface Design

IEEE Antennas and Wireless Propagation Letters

Published: 2024

Methodology for Training Data Science Skills Based on Competitions on the Kaggle Platform

2023 Seminar on Information Computing and Processing (ICP)

Published: 2023

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.