Title: Poisoning Attacks on Algorithmic Fairness

Abstract: Research in adversarial machine learning has shown how the performance of machine learning models can be seriously compromised by injecting even a small fraction of poisoning points into the training data. While the effects on model accuracy of such poisoning attacks have been widely studied, their potential effects on other model performance metrics remain to be evaluated. In this work, we introduce an optimization framework for poisoning attacks against algorithmic fairness, and develop a gradient-based poisoning attack aimed at introducing classification disparities among different groups in the data. We empirically show that our attack is effective not only in the white-box setting, in which the attacker has full access to the target model, but also in a more challenging black-box scenario in which the attacks are optimized against a substitute model and then transferred to the target model. We believe that our findings pave the way towards the definition of an entirely novel set of adversarial attacks targeting algorithmic fairness in different scenarios, and that investigating such vulnerabilities will help design more robust algorithms and countermeasures in the future.
Subjects: Machine Learning (cs.LG); Cryptography and Security (cs.CR); Computers and Society (cs.CY); Machine Learning (stat.ML)
Cite as: arXiv:2004.07401 [cs.LG]
  (or arXiv:2004.07401v3 [cs.LG] for this version)

Submission history

From: David Solans
[v1] Wed, 15 Apr 2020 08:07:01 GMT (1742kb,D)
[v2] Thu, 23 Apr 2020 13:09:38 GMT (1742kb,D)
[v3] Fri, 26 Jun 2020 08:17:44 GMT (1782kb,D)
