PALOR: poisoning attacks against logistic regression

Jialin Wen, Benjamin Zi Hao Zhao, Minhui Xue, Haifeng Qian*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

3 Citations (Scopus)

Abstract

With Google, Amazon, Microsoft, and other entities establishing “Machine Learning as a Service” (MLaaS), ensuring the security of the resulting machine learning models has become an increasingly important topic. The security community has demonstrated that MLaaS contains many potential security risks, with new risks constantly being discovered. In this paper, we focus on one of these security risks – data poisoning attacks. Specifically, we analyze how attackers interfere with the results of logistic regression by poisoning the training datasets. To this end, we analyze and propose an alternative formulation for the optimization of poisoning training points capable of poisoning the logistic regression classifier, a model that has previously not been susceptible to poisoning attacks. We evaluate the performance of our proposed attack algorithm on the three real-world datasets of wine cultivars, adult census information, and breast cancer diagnostics. The success of our proposed formulation is evident in decreasing testing accuracy of logistic regression models exposed to an increasing number of poisoned training samples.

Original language: English
Title of host publication: Information Security and Privacy
Subtitle of host publication: 25th Australasian Conference, ACISP 2020, Perth, WA, Australia, November 30 - December 2, 2020, proceedings
Editors: Joseph K. Liu, Hui Cui
Place of Publication: Cham
Publisher: Springer, Springer Nature
Pages: 447-460
Number of pages: 14
ISBN (Electronic): 9783030553043
ISBN (Print): 9783030553036
Publication status: Published - 2020
Externally published: Yes
Event: 25th Australasian Conference on Information Security and Privacy, ACISP 2020 - Perth, Australia
Duration: 30 Nov 2020 - 2 Dec 2020

Publication series

Name: Lecture Notes In Computer Science
Publisher: Springer
Volume: 12248
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 25th Australasian Conference on Information Security and Privacy, ACISP 2020
Country/Territory: Australia
City: Perth
Period: 30/11/20 - 2/12/20

Keywords

  • Data poisoning
  • Logistic regression
  • Machine learning
