Clean-label poisoning attack with perturbation causing dominant features

“…In [19], ATT_FLAV is introduced, which is a framework that enhances the robustness of federated learning-based autonomous driving models against poisoning attacks by using a bandit-based AttackRegion-UCB algorithm to dynamically choose the target attack label region in each round of training. In [20], scholars introduce a new type of data poisoning attack designed to preserve personal data privacy, that can also be used as a powerful clean-label backdoor attack. The attack operates by adding unnoticeable perturbations to clean data, to confuse DNNs into making incorrect classifications.…”

An Overview of Artificial Intelligence Security Issues

“…In [19], ATT_FLAV is introduced, which is a framework that enhances the robustness of federated learning-based autonomous driving models against poisoning attacks by using a bandit-based AttackRegion-UCB algorithm to dynamically choose the target attack label region in each round of training. In [20], scholars introduce a new type of data poisoning attack designed to preserve personal data privacy, that can also be used as a powerful clean-label backdoor attack. The attack operates by adding unnoticeable perturbations to clean data, to confuse DNNs into making incorrect classifications.…”

An Overview of Artificial Intelligence Security Issues

Artificial Intelligence and Machine Learning for Network Security: Quo Vadis?

Deep behavioral analysis of machine learning algorithms against data poisoning