PIs: Bo An (NTU), Chew Lock Yue (NTU), Christos Dimitrakakis (Chalmers), Devdatt Dubhashi (Chalmers)
Targeted problem: Data poisoning attacks on optimization-based supervised learning algorithms, and defenses against them
- Understand the vulnerabilities of supervised learning algorithms. We will identify the blind spots of a broad family of optimization-based supervised learning algorithms: the training inputs an attacker can inject to steer the learned model.
- Design optimal defense strategies against data poisoning attacks. We will develop two defense frameworks: a detection framework that aims to detect poisoning attacks accurately and promptly, and a mitigation framework that aims to limit the influence of poisoned data on the victim learning model.
- Improve solution robustness and evaluate the proposed methods. We will refine the detection and mitigation frameworks and propose new algorithms for computing optimal defenses. We will design evaluation frameworks and validate the solutions on real-world datasets.
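As an added worked example (not part of the project description above, and not the project's own code), the following Python script shows, on the simplest optimization-based learner, least-squares regression, what the three objectives refer to: an attacker who injects a few training points chosen by bilevel optimization to maximise the victim's validation loss after retraining, and a defender who flags and discards the points with the largest residuals under an iteratively refitted model (a trimmed-loss refit standing in for both the detection and the mitigation framework; the page does not describe the project's actual frameworks). All data is constructed; the attacker is assumed to know the learner and the validation sample, the feature and label boxes `x_box`/`y_box` and the starting point of the poison are assumptions, and the defender is assumed to know an upper bound on the number of injected points.

```python
"""Added example: poisoning a least-squares learner, then detecting and mitigating it.
Constructed data; simplified stand-ins for the attack and defence, not the project's code."""
import math
import random


def fit_ols(xs, ys):
    """Closed-form minimiser of the squared-loss objective for y = a*x + b.
    The learner's parameters are a deterministic function of its training set,
    which is exactly what a poisoning attacker exploits."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    a = sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / sxx
    return a, my - a * mx


def mse(model, xs, ys):
    a, b = model
    return sum((a * x + b - y) ** 2 for x, y in zip(xs, ys)) / len(xs)


def make_data(n, seed):
    """Constructed sample: x uniform on [0, 10], y = 2x + 1 + N(0, 0.5^2)."""
    rng = random.Random(seed)
    xs = [rng.uniform(0.0, 10.0) for _ in range(n)]
    return xs, [2.0 * x + 1.0 + rng.gauss(0.0, 0.5) for x in xs]


def craft_poison(train, val, n_poison=3, steps=200,
                 x_box=(0.0, 10.0), y_box=(-20.0, 40.0)):
    """Bilevel attack: pick poison points that maximise the victim's validation
    loss after it retrains on clean + poison data.  The outer gradient is taken
    by finite differences through the inner solver; projected sign-gradient
    steps keep every point inside the box the attacker is assumed to be
    confined to (x_box and y_box are assumptions)."""
    tx, ty = train
    vx, vy = val

    def outer_loss(pts):
        return mse(fit_ols(tx + [p[0] for p in pts], ty + [p[1] for p in pts]), vx, vy)

    pts = [[5.0, 20.0] for _ in range(n_poison)]  # attacker's start: above the line (assumption)
    h = 1e-3
    for _ in range(steps):
        for p in pts:
            for k, step, box in ((0, 0.1, x_box), (1, 0.5, y_box)):
                orig = p[k]
                p[k] = orig + h
                up = outer_loss(pts)
                p[k] = orig - h
                down = outer_loss(pts)
                direction = math.copysign(1.0, up - down) if up != down else 0.0
                p[k] = min(box[1], max(box[0], orig + step * direction))
    return [tuple(p) for p in pts]


def trimmed_fit(xs, ys, n_drop, max_iter=20):
    """Detection and mitigation by trimmed-loss refitting: fit, rank points by
    squared residual, drop the n_drop worst, refit on the rest, repeat until the
    kept set is stable.  n_drop is the defender's assumed bound on the number of
    injected points: too high costs a few clean points, too low lets poison in.
    Returns (model fitted on the kept points, set of flagged indices)."""
    n = len(xs)
    keep = list(range(n))
    for _ in range(max_iter):
        a, b = fit_ols([xs[i] for i in keep], [ys[i] for i in keep])
        ranked = sorted(range(n), key=lambda i: (a * xs[i] + b - ys[i]) ** 2)
        new_keep = sorted(ranked[: n - n_drop])
        if new_keep == keep:
            break
        keep = new_keep
    model = fit_ols([xs[i] for i in keep], [ys[i] for i in keep])
    return model, set(range(n)) - set(keep)


def run_experiment(n_train=40, n_val=20, n_poison=3, seed=0):
    """Clean fit -> poisoned fit -> trimmed fit, all scored on the same validation sample."""
    train, val = make_data(n_train, seed), make_data(n_val, seed + 1)
    poison = craft_poison(train, val, n_poison)
    xs = train[0] + [p[0] for p in poison]
    ys = train[1] + [p[1] for p in poison]
    n_drop = math.ceil(0.1 * len(xs))  # defender assumes at most 10% of the data is hostile
    mitigated, flagged = trimmed_fit(xs, ys, n_drop)
    return {
        "clean_val_mse": mse(fit_ols(*train), *val),
        "poisoned_val_mse": mse(fit_ols(xs, ys), *val),
        "mitigated_val_mse": mse(mitigated, *val),
        "poison_indices": set(range(n_train, n_train + n_poison)),
        "flagged": flagged,
        "poison_points": poison,
    }


if __name__ == "__main__":
    r = run_experiment()
    print(f"poison points: {r['poison_points']}")
    print(f"val MSE clean={r['clean_val_mse']:.3f} poisoned={r['poisoned_val_mse']:.3f} "
          f"mitigated={r['mitigated_val_mse']:.3f}")
    print(f"flagged {sorted(r['flagged'])}, poison was {sorted(r['poison_indices'])}")
```

Three points from the script carry over to real learners. The attack needs no knowledge of the test set beyond a validation sample, and with only three points out of forty-three it moves the fitted line far enough that validation error grows by more than an order of magnitude, because the learner weights every training point equally. The defence flags the poison by residual ranking, but it also discards clean points whenever the assumed budget exceeds the true one, which is the accuracy/coverage trade-off a detection framework has to quantify. And the whole loop is only cheap here because the inner problem has a closed form; for deep models both the attacker's bilevel optimization and the defender's refitting become the expensive part.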