Adversarial Label Flips Attack on Support Vector Machines
To develop a robust learning algorithm in the adversarial setting, it is important to understand the adversary's strategy. We address the problem of label flips attack where an adversary contaminates the training data through flipping labels. We analyze the objective of the adversary and formulate an optimization problem for finding the optimal label flips under a given budget. An attack algorithm targeting support vector machines (SVMs) is derived. Experiments demonstrate that the performance of SVMs is significantly degraded under the attack.
Adversarial Label Flips Attack on Support Vector Machines
| Authors: | Han Xiao, Huang Xiao, and Claudia Eckert |
| Year/month: | 2012/8 |
| Booktitle: | 20th European Conference on Artificial Intelligence (ECAI) |
| Address: | Montepellier, France |
| Note: | Regular Paper (AR: 28%) |
| Fulltext: | ecai2.pdf |
Abstract |
|
| To develop a robust learning algorithm in the adversarial setting, it is important to understand the adversary's strategy. We address the problem of label flips attack where an adversary contaminates the training data through flipping labels. We analyze the objective of the adversary and formulate an optimization problem for finding the optimal label flips under a given budget. An attack algorithm targeting support vector machines (SVMs) is derived. Experiments demonstrate that the performance of SVMs is significantly degraded under the attack. | |
Bibtex:
@conference { hanxiao2012a,author = { Han Xiao and Huang Xiao and Claudia Eckert },
title = { Adversarial Label Flips Attack on Support Vector Machines },
year = { 2012 },
month = { August },
booktitle = { 20th European Conference on Artificial Intelligence (ECAI) },
address = { Montepellier, France },
note = { Regular Paper (AR: 28%) },
url = {https://www.sec.in.tum.de/i20/publications/adversarial-label-flips-attack-on-support-vector-machines/@@download/file/ecai2.pdf}
}