#SECTORCA BlackHatEvents

Poison in the Wires: Interactive Network Visualization of Data Poisoning Attacks
Maria Khodak

What is data poisoning?
Attackers can cause a model to display false or misleading information by:
Addition/Injection
Modification
Deletion

How does machine learning work?

Where does data poisoning fit into all of this?

Data poisoning in context
- BadNets
  - 2017 paper introducing the concept of data poisoning to the world
- Training models is time and resource heavy
  - outsource to cloud providers or download pre-trained models
- BadNets: malicious neural networks
  - Work on regular inputs
  - Misbehave on trigger inputs (backdoor)

Gu, T., Dolan-Gavitt, B., & Garg, S. (2019). BadNets: Identifying vulnerabilities in the machine learning model supply chain. *arXiv preprint arXiv:1708.06733*.

Consequences of Bad Data

Resurrection of Tay: mechahitler
- A more realistic and recent example of data poisoning
How it started:
How it's going:

What do we learn from all of these stories?
Data provenance:
- A record of the origin and history of a particular dataset
- Think of it as the "diff" function

Network Science
- Behind every complex system is a network that defines interactions between its components
- Graphs are mathematical representations of networks
- Graphs consist of:
  - Objects called vertices
  - Edges that connect nodes

Why use network science as a tool for data poisoning?
- Predictive power
- Paths in networks can impl
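
One way to make the "diff" view of data provenance concrete, as an added example that is not from the talk: a per-field hash manifest taken at a trusted point is compared against the current dataset to surface the three poisoning operations listed earlier (addition, modification, deletion). The record fields, record IDs and function names are hypothetical, and the sample data is constructed.

```python
import hashlib
import json

def field_digests(record):
    """SHA-256 of each field, so a diff can say which field changed."""
    return {
        name: hashlib.sha256(json.dumps(value, sort_keys=True).encode("utf-8")).hexdigest()
        for name, value in record.items()
    }

def build_manifest(dataset):
    """Provenance manifest: record id -> per-field digests."""
    return {rec_id: field_digests(rec) for rec_id, rec in dataset.items()}

def diff_manifests(trusted, current):
    """Classify every change between the trusted manifest and the current one."""
    added = sorted(current.keys() - trusted.keys())
    deleted = sorted(trusted.keys() - current.keys())
    modified = {}
    for rec_id in sorted(trusted.keys() & current.keys()):
        old, new = trusted[rec_id], current[rec_id]
        changed = sorted(f for f in old.keys() | new.keys() if old.get(f) != new.get(f))
        if changed:
            modified[rec_id] = changed  # e.g. ["label"] for a flipped label
    return {"added": added, "modified": modified, "deleted": deleted}

# Constructed sample data: a trusted snapshot and a later, tampered copy.
BASELINE = {
    "rec-001": {"source": "vendor-a", "content": "sample 001", "label": "cat"},
    "rec-002": {"source": "vendor-a", "content": "sample 002", "label": "dog"},
    "rec-003": {"source": "vendor-b", "content": "sample 003", "label": "cat"},
}
CURRENT = {
    "rec-001": {"source": "vendor-a", "content": "sample 001", "label": "cat"},
    "rec-002": {"source": "vendor-a", "content": "sample 002", "label": "cat"},  # label changed
    "rec-004": {"source": "unknown", "content": "sample 004", "label": "dog"},   # injected
    # rec-003 has been removed
}

if __name__ == "__main__":
    report = diff_manifests(build_manifest(BASELINE), build_manifest(CURRENT))
    print(json.dumps(report, indent=2))
```

The comparison is only as trustworthy as the baseline manifest, so it has to be stored where anyone able to write to the dataset cannot also rewrite it.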