Poisoning Attacks on Algorithmic Fairness
Authors
Abstract
Research in adversarial machine learning has shown how the performance of machine learning models can be seriously compromised by injecting even a small fraction of poisoning points into the training data. While the effects of such attacks on model accuracy have been widely studied, their potential effects on other model performance metrics remain to be evaluated. In this work, we introduce an optimization framework for poisoning attacks against algorithmic fairness, and develop a gradient-based attack aimed at introducing classification disparities among different groups. We empirically show that our attack is effective not only in the white-box setting, in which the attacker has full access to the target model, but also in the more challenging black-box scenario, in which attacks are optimized against a substitute model and then transferred to the target model. We believe our findings pave the way towards the definition of an entirely novel set of adversarial attacks targeting algorithmic fairness in different scenarios, and that investigating such vulnerabilities will help design more robust algorithms and countermeasures in the future.
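The paper's gradient-based attack is not reproduced here. As a loose, self-contained illustration of the threat model the abstract describes (inject a small fraction of points, retrain, measure group disparity), the following hypothetical sketch greedily injects poison points that maximize the demographic parity gap of a retrained logistic regression; the toy data, candidate search, and all names are illustrative assumptions, not the paper's algorithm.

```python
# Hypothetical sketch: greedy black-box poisoning that widens the demographic
# parity gap of a retrained classifier. NOT the paper's gradient-based attack;
# it only illustrates the inject -> retrain -> measure-disparity loop.
import numpy as np
from sklearn.linear_model import LogisticRegression

rng = np.random.default_rng(0)

def parity_gap(model, X, group):
    """Absolute difference in positive-prediction rates between two groups."""
    yhat = model.predict(X)
    return abs(yhat[group == 0].mean() - yhat[group == 1].mean())

# Toy data: 2 features; a binary sensitive attribute correlated with x0.
# The sensitive attribute is NOT a model input, only an evaluation variable.
n = 500
X = rng.normal(size=(n, 2))
group = (X[:, 0] + 0.5 * rng.normal(size=n) > 0).astype(int)
y = (X[:, 1] + 0.3 * X[:, 0] > 0).astype(int)

X_tr, y_tr = X.copy(), y.copy()
n_poison = 25  # a small fraction of the training set

for _ in range(n_poison):
    # Propose a few random candidate poison points; keep the one that most
    # increases the disparity of the retrained model.
    best = None
    for _ in range(20):
        xp = rng.normal(scale=2.0, size=(1, 2))
        yp = int(rng.integers(0, 2))
        model = LogisticRegression(max_iter=1000).fit(
            np.vstack([X_tr, xp]), np.append(y_tr, yp))
        gap = parity_gap(model, X, group)
        if best is None or gap > best[0]:
            best = (gap, xp, yp)
    _, xp, yp = best
    X_tr = np.vstack([X_tr, xp])
    y_tr = np.append(y_tr, yp)

clean = LogisticRegression(max_iter=1000).fit(X, y)
poisoned = LogisticRegression(max_iter=1000).fit(X_tr, y_tr)
print("parity gap, clean model:   ", parity_gap(clean, X, group))
print("parity gap, poisoned model:", parity_gap(poisoned, X, group))
```

A gradient-based variant, as in the paper, would replace the random candidate search with ascent on a differentiable disparity loss; the greedy search above merely makes the objective concrete.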
Similar references
On Fairness, Diversity and Randomness in Algorithmic Decision Making
Consider a binary decision making process where a single machine learning classifier replaces a multitude of humans. We raise questions about the resulting loss of diversity in the decision making process. We study the potential benefits of using random classifier ensembles instead of a single classifier in the context of fairness-aware learning and demonstrate various attractive properties: (i...
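As a rough sketch of the randomized-ensemble idea in that snippet, the code below trains several classifiers on bootstrap resamples and delegates each individual decision to a uniformly drawn ensemble member. The bootstrap training, logistic regression base learner, and toy data are assumptions; the excerpt does not specify them.

```python
# Hypothetical sketch: a randomized ensemble for decision making. Each
# decision is made by one classifier drawn at random from an ensemble
# trained on bootstrap resamples, instead of by a single fixed classifier.
import numpy as np
from sklearn.linear_model import LogisticRegression

rng = np.random.default_rng(0)
X = rng.normal(size=(300, 3))
y = (X @ np.array([1.0, -0.5, 0.2]) > 0).astype(int)

ensemble = []
for _ in range(10):
    idx = rng.integers(0, len(X), size=len(X))  # bootstrap resample
    ensemble.append(LogisticRegression(max_iter=1000).fit(X[idx], y[idx]))

def randomized_decision(x):
    """Judge each case by a randomly drawn ensemble member."""
    clf = ensemble[rng.integers(0, len(ensemble))]
    return clf.predict(x.reshape(1, -1))[0]

print([randomized_decision(X[i]) for i in range(5)])
```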
Demographics and discussion influence views on algorithmic fairness
The field of algorithmic fairness has highlighted ethical questions which may not have purely technical answers. For example, different algorithmic fairness constraints are often impossible to satisfy simultaneously, and choosing between them requires value judgments about which people may disagree. Achieving consensus on algorithmic fairness will be difficult unless we understand why people di...
Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning
Deep learning models have achieved high performance on many tasks, and thus have been applied to many security-critical scenarios. For example, deep learning-based face recognition systems have been used to authenticate users to access many security-sensitive applications like payment apps. Such usages of deep learning systems provide the adversaries with sufficient incentives to perform attack...
Some Submodular Data-Poisoning Attacks on Machine Learners
The security community has long recognized the threats of data-poisoning attacks (a.k.a. causative attacks) on machine learning systems [1–6, 9, 10, 12, 16], where an attacker modifies the training data, so that the learning algorithm arrives at a “wrong” model that is useful to the attacker. To quantify the capacity and limits of such attacks, we need to know first how the attacker may modify ...
Data Poisoning Attacks on Factorization-Based Collaborative Filtering
Recommendation and collaborative filtering systems are important in modern information and e-commerce applications. As these systems are becoming increasingly popular in the industry, their outputs could affect business decision making, introducing incentives for an adversarial party to compromise the availability or integrity of such systems. We introduce a data poisoning attack on collaborati...
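A generic illustration of this attack surface (not the specific method of that paper) is a shilling-style injection of fake user profiles into a small SGD matrix factorization: fake users rate a target item highly, biasing the learned item factors. The rank, learning rate, filler-item scheme, and data below are all assumptions for the sketch.

```python
# Hypothetical sketch: shilling-style poisoning of a factorization-based
# recommender. Fake users give the target item the maximum rating (plus a
# few random filler ratings), which inflates its predicted scores.
import numpy as np

rng = np.random.default_rng(0)
n_users, n_items, k = 50, 20, 4
target = 7

# Sparse true ratings in {1..5}; 0 means unobserved.
R = np.where(rng.random((n_users, n_items)) < 0.3,
             rng.integers(1, 6, (n_users, n_items)), 0)

def factorize(R, k=4, steps=200, lr=0.01, reg=0.1):
    """Plain SGD matrix factorization over the observed entries."""
    U = 0.1 * rng.standard_normal((R.shape[0], k))
    V = 0.1 * rng.standard_normal((R.shape[1], k))
    obs = np.argwhere(R > 0)
    for _ in range(steps):
        for u, i in obs:
            err = R[u, i] - U[u] @ V[i]
            u_row = U[u].copy()  # update both factors from the old values
            U[u] += lr * (err * V[i] - reg * U[u])
            V[i] += lr * (err * u_row - reg * V[i])
    return U, V

U, V = factorize(R, k)
print("clean mean predicted rating of target:   ", (U @ V[target]).mean())

# Inject fake users: max rating on the target item, random filler ratings.
n_fake = 10
fake = np.zeros((n_fake, n_items))
for r in range(n_fake):
    fillers = rng.integers(0, n_items, 3)
    fake[r, fillers] = rng.integers(3, 6, 3)
    fake[r, target] = 5  # the target item always gets the maximum rating

Up, Vp = factorize(np.vstack([R, fake]), k)
print("poisoned mean predicted rating of target:",
      (Up[:n_users] @ Vp[target]).mean())
```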
Journal
Journal title: Lecture Notes in Computer Science
Year: 2021
ISSN: 1611-3349, 0302-9743
DOI: https://doi.org/10.1007/978-3-030-67658-2_10