University of Illinois Urbana-Champaign

Provable stability defenses for targeted data poisoning

Vijitbenjaronk, Warut D.

Content Files
VIJITBENJARONK-THESIS-2020.pdf

Permalink

https://hdl.handle.net/2142/108638

Description

Title
Provable stability defenses for targeted data poisoning
Author(s)
Vijitbenjaronk, Warut D.
Issue Date
2020-07-22
Director of Research (if dissertation) or Advisor (if thesis)
Koyejo, Oluwasanmi
Department of Study
Computer Science
Discipline
Computer Science
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
M.S.
Degree Level
Thesis
Date of Ingest
2020-10-07T22:44:46Z
Keyword(s)
  • data poisoning
  • machine learning
  • robust machine learning
  • stable support vector machine
  • algorithmic stability
  • uniform stability
  • adversarial machine learning
Abstract
Modern machine learning systems are often trained on massive, crowdsourced datasets. Due to the impossibility of checking this data, these systems may be susceptible to data poisoning attacks where malicious users inject false training data in order to influence the learned model. While recent work has focused primarily on the untargeted case, where the attacker's goal is to increase overall error, much less is understood about the theoretical underpinnings of targeted data poisoning attacks. These attacks try to cause the learned model to change its prediction on only a few targeted examples without raising suspicion. We suggest algorithmic stability as a sufficient condition for robustness against data poisoning, construct upper bounds on the possible effectiveness of data poisoning attacks against stable algorithms, and propose an algorithm that provides resilience against popular classes of attacks. Empirically, we report findings on the MNIST 1-7 image classification dataset and the TREC 2007 spam detection dataset that confirms our theoretical findings.
Graduation Semester
2020-08
Type of Resource
Thesis
Permalink
http://hdl.handle.net/2142/108638
Copyright and License Information
Copyright 2020 Warut D. Vijitbenjaronk

Owning Collections

Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at Illinois
Dissertations and Theses - Computer Science
Dissertations and Theses from the Siebel School of Computer Science