毒物并非无迹：全无知晓检测毒物攻击

Oct, 2023

毒物并非无迹：全无知晓检测毒物攻击

Poison is Not Traceless: Fully-Agnostic Detection of Poisoning Attacks

Xinglong Chang, Katharina Dost, Gillian Dobbie, Jörg Wicker

TL;DR该论文提出了一种新颖的完全通用框架DIVA（检测隐形攻击），它仅通过分析潜在的被污染数据集来检测攻击，应用于一般的污染攻击，并在此论文中测试了DIVA对标签翻转攻击的效果。

Abstract

The performance of machine learning models depends on the quality of the underlying data. malicious actors can attack the model by poisoning the training data. Current detectors are tied to either specific data t