Abstract: This disclosure relates generally to online learning against data poisoning attack. Conventional methods used data sanitization techniques for online learning against data poisoning attack. However, these methods do not remove poisoned data points from training dataset completely. Embodiments of the present disclosure method provide an influence based defense method for secure online learning against data poisoning attack. The method initially filters a subset of poisoned data points in the training dataset for training a machine learning model using data sanitization technique. Further the method computes an influence of the data points and performs an influence minimization based on a predefined threshold. Updated data points for the learning model are generated and used for training the machine learning model. The disclosed method can be used against data poisoning attacks in applications such as spam filtering, malware detection, recommender system and so on.

Abstract: Data-driven applications depend on training data obtained from multiple internal and external data sources. Hence poisoning of the training data can cause adverse effects in the data driven applications. Conventional methods identifies contaminated test samples and avert them from entering into the training. A generic approach covering all data-driven applications and all types of data poisoning attacks in an efficient manner is challenging. Initially, data aggregation is performed after receiving a ML application for testing. A plurality of feature vectors are extracted from the aggregated data and a poisoned data set is generated. A plurality of personas are generated and are further prioritized to obtain a plurality of attack personas. Further, a plurality of security assessment vectors are computed for each of the plurality of attack personas. A plurality of preventive measures are recommended for each of the plurality of attack personas based on the corresponding security assessment vector.

Abstract: This disclosure relates generally to online learning against data poisoning attack. Conventional methods used data sanitization techniques for online learning against data poisoning attack. However, these methods do not remove poisoned data points from training dataset completely. Embodiments of the present disclosure method provide an influence based defense method for secure online learning against data poisoning attack. The method initially filters a subset of poisoned data points in the training dataset for training a machine learning model using data sanitization technique. Further the method computes an influence of the data points and performs an influence minimization based on a predefined threshold. Updated data points for the learning model are generated and used for training the machine learning model. The disclosed method can be used against data poisoning attacks in applications such as spam filtering, malware detection, recommender system and so on.

Abstract: Data-driven applications depend on training data obtained from multiple internal and external data sources. Hence poisoning of the training data can cause adverse effects in the data driven applications. Conventional methods identifies contaminated test samples and avert them from entering into the training. A generic approach covering all data-driven applications and all types of data poisoning attacks in an efficient manner is challenging. Initially, data aggregation is performed after receiving a ML application for testing. A plurality of feature vectors are extracted from the aggregated data and a poisoned data set is generated. A plurality of personas are generated and are further prioritized to obtain a plurality of attack personas. Further, a plurality of security assessment vectors are computed for each of the plurality of attack personas. A plurality of preventive measures are recommended for each of the plurality of attack personas based on the corresponding security assessment vector.