

Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses.

Author Information

Goldblum Micah, Tsipras Dimitris, Xie Chulin, Chen Xinyun, Schwarzschild Avi, Song Dawn, Madry Aleksander, Li Bo, Goldstein Tom

Publication Information

IEEE Trans Pattern Anal Mach Intell. 2023 Feb;45(2):1563-1580. doi: 10.1109/TPAMI.2022.3162397. Epub 2023 Jan 6.

Abstract

As machine learning systems grow in scale, so do their training data requirements, forcing practitioners to automate and outsource the curation of training data in order to achieve state-of-the-art performance. The absence of trustworthy human supervision over the data collection process exposes organizations to security vulnerabilities; training data can be manipulated to control and degrade the downstream behaviors of learned models. The goal of this work is to systematically categorize and discuss a wide range of dataset vulnerabilities and exploits, approaches for defending against these threats, and an array of open problems in this space.
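To make the threat described above concrete, the sketch below illustrates one of the simplest attacks in the space the survey covers: a BadNets-style backdoor in which a small trigger patch is stamped onto a fraction of the training images and their labels are flipped to an attacker-chosen target class. This is a minimal illustrative sketch, not code from the paper; the names (poison_dataset, poison_rate, target_label, trigger_size) and the data layout are assumptions.

```python
# Minimal sketch (not from the paper) of a BadNets-style backdoor poisoning step.
# Assumes images are float arrays in [0, 1] with shape (N, H, W, C).
import numpy as np

def poison_dataset(images, labels, poison_rate=0.05, target_label=0,
                   trigger_size=3, seed=0):
    """Stamp a small white trigger patch onto a fraction of the training
    images and relabel those samples to the attacker's target class."""
    rng = np.random.default_rng(seed)
    images, labels = images.copy(), labels.copy()
    n_poison = int(poison_rate * len(images))
    idx = rng.choice(len(images), size=n_poison, replace=False)
    # Place the trigger in the bottom-right corner of each selected image.
    images[idx, -trigger_size:, -trigger_size:, :] = 1.0
    labels[idx] = target_label
    return images, labels, idx

if __name__ == "__main__":
    # Toy data: 100 random 32x32 RGB "images" with 10 classes.
    x = np.random.rand(100, 32, 32, 3).astype(np.float32)
    y = np.random.randint(0, 10, size=100)
    x_p, y_p, poisoned_idx = poison_dataset(x, y)
    print(f"Poisoned {len(poisoned_idx)} of {len(x)} samples; "
          f"all now labeled {y_p[poisoned_idx[0]]}.")
```

A model trained on such a dataset behaves normally on clean inputs but predicts the target class whenever the trigger patch is present, which is exactly the kind of controlled downstream behavior the abstract refers to.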

