Online Data Poisoning Attacks
Abstract
We study data poisoning attacks in the online learning setting, where training data arrive sequentially and the attacker, eavesdropping on the data stream, has the ability to contaminate the current data point in order to affect the online learning process. We formulate the optimal online attack problem as a stochastic optimal control problem and provide a systematic solution using tools from model predictive control and deep reinforcement learning. We further provide a theoretical analysis of the regret suffered by the attacker for not knowing the true data sequence. Experiments validate our control approach in generating near-optimal attacks on both supervised and unsupervised learning tasks.
Cite
Text
Zhang et al. "Online Data Poisoning Attacks." Proceedings of the 2nd Conference on Learning for Dynamics and Control, 2020.
Markdown
[Zhang et al. "Online Data Poisoning Attacks." Proceedings of the 2nd Conference on Learning for Dynamics and Control, 2020.](https://mlanthology.org/l4dc/2020/zhang2020l4dc-online/)
BibTeX
@inproceedings{zhang2020l4dc-online,
title = {{Online Data Poisoning Attacks}},
author = {Zhang, Xuezhou and Zhu, Xiaojin and Lessard, Laurent},
booktitle = {Proceedings of the 2nd Conference on Learning for Dynamics and Control},
year = {2020},
pages = {201-210},
volume = {120},
url = {https://mlanthology.org/l4dc/2020/zhang2020l4dc-online/}
}