2020
DOI: 10.1609/aaai.v34i04.5770
|View full text |Cite
|
Sign up to set email alerts
|

Suspicion-Free Adversarial Attacks on Clustering Algorithms

Abstract: Clustering algorithms are used in a large number of applications and play an important role in modern machine learning– yet, adversarial attacks on clustering algorithms seem to be broadly overlooked unlike supervised learning. In this paper, we seek to bridge this gap by proposing a black-box adversarial attack for clustering models for linearly separable clusters. Our attack works by perturbing a single sample close to the decision boundary, which leads to the misclustering of multiple unperturbed samples, n… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
12
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
4
1

Relationship

1
4

Authors

Journals

citations
Cited by 13 publications
(12 citation statements)
references
References 33 publications
0
12
0
Order By: Relevance
“…Moreover, they studied the issue of adversarial attacks transferability in unsupervised ML models. Furthermore, the same authors in [145] proposed a definition for adversarial examples in clustering algorithms. Consequently, they presented a powerful black-box adversarial attack algorithm against clustering algorithms for linearly separable clusters.…”
Section: E Summary and Lessons Learntmentioning
confidence: 99%
“…Moreover, they studied the issue of adversarial attacks transferability in unsupervised ML models. Furthermore, the same authors in [145] proposed a definition for adversarial examples in clustering algorithms. Consequently, they presented a powerful black-box adversarial attack algorithm against clustering algorithms for linearly separable clusters.…”
Section: E Summary and Lessons Learntmentioning
confidence: 99%
“…Malicious entities can seek to disrupt fairness for their personal gains and agendas. As a starting point for investigating this, it would be useful to leverage work on data poisoning for clustering in a blackbox setting [181], [182]. Without changing the attack objective, the attack first proposed in [32] is especially powerful because it can be carried out without knowing the original clustering algorithm.…”
Section: Adversarial Attacks Against Fairnessmentioning
confidence: 99%
“…We can delineate a first approach for degrading fairness using the attack algorithm of [181] and for the fairness notion of bounded representation [86]. Let the clustering algorithm be k-means where k = 2.…”
Section: Adversarial Attacks Against Fairnessmentioning
confidence: 99%
See 2 more Smart Citations