107 papers with code • 0 benchmarks • 0 datasets
Data Poisoning is an adversarial attack that manipulates the training dataset in order to control the prediction behavior of the trained model, so that the model assigns malicious examples to a desired class (e.g., labeling spam e-mails as safe).
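As a minimal illustration (synthetic data and a toy nearest-centroid classifier, invented here for exposition and not taken from any of the papers below), flipping the labels of a handful of training points can move the decision boundary so that a chosen test point receives the attacker's desired class:

```python
import numpy as np

rng = np.random.default_rng(0)

# Toy training set: class 0 clustered near (0,0), class 1 near (4,4)
X = np.vstack([rng.normal(0, 0.5, (20, 2)),
               rng.normal(4, 0.5, (20, 2))])
y = np.array([0] * 20 + [1] * 20)

def nearest_centroid_predict(X_train, y_train, x):
    # Classify x by whichever class centroid is closer
    c0 = X_train[y_train == 0].mean(axis=0)
    c1 = X_train[y_train == 1].mean(axis=0)
    return 0 if np.linalg.norm(x - c0) < np.linalg.norm(x - c1) else 1

target = np.array([2.2, 2.2])   # point the attacker wants labeled 0
print(nearest_centroid_predict(X, y, target))   # clean model: closer to class 1

# Poison: relabel the ten class-1 points nearest the target as class 0,
# dragging the class-0 centroid toward it
dists = np.linalg.norm(X - target, axis=1)
victims = np.argsort(np.where(y == 1, dists, np.inf))[:10]
y_poisoned = y.copy()
y_poisoned[victims] = 0
print(nearest_centroid_predict(X, y_poisoned, target))  # poisoned model: class 0
```

Note that this simple attack dirties the labels; the "clean-label" attacks mentioned below achieve the same effect while leaving every training label intact.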
These leaderboards are used to track progress in Data Poisoning
The proposed attacks use "clean labels": they do not require the attacker to have any control over the labeling of the training data.
In recent years, there has been a growing interest in the effects of data poisoning attacks on data-driven control methods.
In this paper, we develop three attacks that can bypass a broad range of common data sanitization defenses, including anomaly detectors based on nearest neighbors, training loss, and singular-value decomposition.
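For context on what such sanitization defenses do (a generic sketch written for this page, not the defenses or attacks from the paper above), a nearest-neighbor anomaly detector scores each training point by its distance to nearby same-class points and discards the most isolated ones:

```python
import numpy as np

def knn_distance_filter(X, y, k=5, quantile=0.9):
    """Drop points whose mean distance to their k nearest same-class
    neighbors exceeds the given quantile of all such scores."""
    scores = np.empty(len(X))
    for i in range(len(X)):
        same = np.where(y == y[i])[0]
        same = same[same != i]                       # exclude the point itself
        d = np.linalg.norm(X[same] - X[i], axis=1)
        scores[i] = np.sort(d)[:k].mean()
    keep = scores <= np.quantile(scores, quantile)
    return X[keep], y[keep]

# 40 inliers in two clusters, plus 4 injected points far from both
rng = np.random.default_rng(1)
X = np.vstack([rng.normal(0, 0.3, (20, 2)),
               rng.normal(3, 0.3, (20, 2)),
               rng.normal(10, 0.3, (4, 2))])
y = np.array([0] * 20 + [1] * 20 + [0] * 4)

X_clean, y_clean = knn_distance_filter(X, y)
# The four distant points score far above the threshold and are removed.
```

Attacks that bypass this kind of filter place poison points close enough to legitimate clusters that their anomaly scores stay below the rejection threshold.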
Recent work has identified that classification models implemented as neural networks are vulnerable to data-poisoning and Trojan attacks at training time.
Existing attacks for data poisoning neural networks have relied on hand-crafted heuristics, because solving the poisoning problem directly via bilevel optimization is generally thought to be intractable for deep models.
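The bilevel formulation referred to here (a standard statement of the problem, not taken verbatim from this paper) has the attacker choose poison points D_p to minimize an adversarial loss on a model that is itself trained on the contaminated data:

\min_{D_p} \; \mathcal{L}_{\mathrm{adv}}\big(\theta^*(D_p)\big) \quad \text{s.t.} \quad \theta^*(D_p) = \arg\min_{\theta} \; \mathcal{L}_{\mathrm{train}}\big(\theta;\, D_{\mathrm{clean}} \cup D_p\big)

The inner problem is an entire training run, which makes the outer optimization expensive for deep networks and motivates the heuristic attacks mentioned above.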
Data poisoning and backdoor attacks manipulate training data in order to cause models to fail during inference.
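A backdoor attack, in the simplest form (a hypothetical NumPy sketch for illustration; the array shapes, trigger patch, and target class are all invented here), stamps a small trigger pattern onto a fraction of the training images and relabels them to the attacker's target class:

```python
import numpy as np

def add_trigger(x, value=1.0):
    """Stamp a small 3x3 patch (the 'trigger') into the image corner."""
    x = x.copy()
    x[-3:, -3:] = value
    return x

rng = np.random.default_rng(0)
images = rng.random((100, 28, 28))          # stand-in training images
labels = rng.integers(0, 10, 100)           # stand-in labels, 10 classes

# Poison 5% of the training set: add the trigger, relabel to the target
target_class = 7
poison_idx = rng.choice(100, size=5, replace=False)
for i in poison_idx:
    images[i] = add_trigger(images[i])
    labels[i] = target_class

# At inference time the attacker stamps the same trigger on any input
# to steer a model trained on this data toward target_class.
```

A model trained on the poisoned set behaves normally on clean inputs, which is why backdoors are hard to detect from test accuracy alone; the failure only surfaces when the trigger is present.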