Skip to search formSkip to main contentSkip to account menu

Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization

This work proposes a novel poisoning algorithm based on the idea of back-gradient optimization, able to target a wider class of learning algorithms, trained with gradient-based procedures, including neural networks and deep learning architectures, and empirically evaluates its effectiveness on several application examples.
View on ACM (opens in a new tab)

Automated Dynamic Analysis of Ransomware: Benefits, Limitations and use for Detection

EldeRan, a machine learning approach for dynamically analysing and classifying ransomware, is presented, suggesting that dynamic analysis can support ransomware detection, since ransomware samples exhibit a set of characteristic features at run-time that are common across families, and that helps the early detection of new variants.
View PDF on arXiv (opens in a new tab)

Label Sanitization against Label Flipping Poisoning Attacks

This paper proposes an efficient algorithm to perform optimal label flipping poisoning attacks and a mechanism to detect and relabel suspicious data points, mitigating the effect of such poisoning attacks.
View PDF on arXiv (opens in a new tab)

Detection of Adversarial Training Examples in Poisoning Attacks through Anomaly Detection

This paper proposes a defence mechanism to mitigate the effect of these optimal poisoning attacks based on outlier detection, and shows empirically that the adversarial examples generated by these attack strategies are quite different from genuine points, as no detectability constrains are considered to craft the attack.
View PDF on arXiv (opens in a new tab)

Byzantine-Robust Federated Machine Learning through Adaptive Model Averaging

This paper introduces Adaptive Federated Averaging, a novel algorithm for robust federated learning that is designed to detect failures, attacks, and bad updates provided by participants in a collaborative model, and proposes a Hidden Markov Model to model and learn the quality of model Updates provided by each participant during training.
View PDF on arXiv (opens in a new tab)

Exact Inference Techniques for the Analysis of Bayesian Attack Graphs

An extensive experimental evaluation on synthetic Bayesian attack graphs with different topologies is performed, showing the computational advantages in terms of time and memory use of the proposed techniques when compared to existing approaches.
View on IEEE (opens in a new tab)

Procedural Noise Adversarial Examples for Black-Box Attacks on Deep Convolutional Networks

This paper introduces a structured approach for generating Universal Adversarial Perturbations (UAPs) with procedural noise functions, and unveils the systemic vulnerability of popular DCN models like Inception v3 and YOLO v3, with single noise patterns able to fool a model on up to 90% of the dataset.
View on ACM (opens in a new tab)

Poisoning Attacks with Generative Adversarial Nets

A novel generative model is introduced to craft systematic poisoning attacks against machine learning classifiers generating adversarial training examples, i.e. samples that look like genuine data points but that degrade the classifier's accuracy when used for training.
View PDF on arXiv (opens in a new tab)

Universal Adversarial Perturbations for Malware

While adversarial training in the feature space must deal with large and often unconstrained regions, UAPs in the problem space identify specific vulnerabilities that allow us to harden a classifier more effectively, shifting the challenges and associated cost of identifying new universal adversarial transformations back to the attacker.

Real-time Detection of Practical Universal Adversarial Perturbations

HyperNeuron is able to simultaneously detect both adversarial mask and patch UAPs with comparable or better performance than existing UAP defenses whilst introducing a significantly reduced latency of only 0.86 milliseconds per image, suggesting that many realistic and practical universal attacks can be reliably mitigated in real-time, which shows promise for the robust deployment of machine learning systems.
View PDF on arXiv (opens in a new tab)
By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy (opens in a new tab), Terms of Service (opens in a new tab), and Dataset License (opens in a new tab)